Check Point posted in its blog that more than 100 apps on Google Play have been infiltrated by the spyware Android.Spy.277.origin masquerading as well-known legitimate apps. Once installed, malware is downloaded and the user tricked into installing it through social engineering. Installed malware then transmits the user's data or pops up advertising messages for click fraud.
Google's admission in its latest Android security report that there is 0.15% chance of downloading potential malware from Google Play was immediately challenged by IT security vendor Check Point: More than 100 malware have been identified on the Google Play market that may be used to steal personal details or engage in click fraud.
Check Point, a leading Israeli IT security vendor, revealed on its blog that Google is having difficulty curbing malware in its Google Play app market. The post revealed that the malware "Android.Spy.277.origin" alone has infiltrated more than 100 apps in Google Play.
The majority of these apps are disguised as well-known legitimate apps. Once the user installs these malicious apps, the hacker then causes the mobile phone to download a malicious APK named "polacin.io". The user is also tricked through social engineering to agree to the APK's installation. Once installed, the malware begins transmitting large amounts of information including the user's e-mails and location to a remote C&C server.
The malware also pops up advertising messages which trick users into clicking on them in return for revenue. It also displays other messages telling the user that their device may have battery or other performance problems to trick the user into installing other "recommended" fraud apps.
Google has removed the above malicious apps discovered by Check Point. Nevertheless, Check Point still discovered other malicious apps exhibiting similar behavior. Some have even achieved between 1 to 5 million downloads.
Check Point said that there is still evidently a lack of sound security awareness among Android app developers. Many well-known apps such as Skype or even Google's own Gmail all have potential; vulnerabilities in how they share data with other apps and this increases the risk of the user's details being compromised.
IT security experts warn consumers that they must remain cautious off even apps downloaded from the official app market. There is no guarantee that apps downloaded from the official market are 100% safe.