Moneycontrol PRO
you are here: HomeNewsTechnology

Is your phone safe? Google has just purged these 145 apps from Play Store

The infected apps were found to be live since October 2017. Any devices carrying these apps installed on their phones are vulnerable to malicious attacks.

August 09, 2018 / 05:56 PM IST

In a startling development, Google found  a total of 145 apps on Play Store laced with malicious files. These identified apps have been removed by the search giant from its store. However, users who have these apps installed on their phones are at a risk of having their sensitive data compromised.

The infected apps were found to be live since October 2017. Any devices carrying these apps installed on their phones are vulnerable to malicious attacks. Most of these apps can be found in the tutorial category - 'Gymnastics Training Tutorial','Learn to Draw Clothing' and more. Palo Alto Networks is the company discovering these malicious apps and then notifying Google about the same.

These malicious files are ineffective within the Android ecosystem, designed specifically to initiate an attack on the users' computer once it is connected to the Android device carrying these apps and infected with the files. In fact some of these apps identified as dangerous, have already been downloaded a hundreds of times, reports suggest.

The malware that was found in these 145 apps, are equipped with the ability to gather private data of the users who download and install these apps. While the malware is unable to attack the Android devices directly, they are designed in such a way that they get activated when the phone is plugged into a Windows machine for the purpose of file transfer or charging.

One key file in particular, was found to be present across all affected apps  - a keylogger. The keylogger would capture the keystrokes of users, gathering data o be provided to the hackers.

Close

The report mentions: 'On a Windows system, this keylogger attempts to log keystrokes, which can include sensitive information like credit card numbers, social security numbers, and passwords'.

The malicious files inside these apps would reportedly take a fake name - including COPY_DOKKEP.exe, Android.exe, my music.exe, js.exe, gallery.exe, images.exe, msn.exe and css.exe.
Moneycontrol News
first published: Aug 9, 2018 05:55 pm
Sections
ISO 27001 - BSI Assurance Mark