Google Play Store Infected with 3 of 4000 Malicious Android Spy Apps, Now Removed

SonicSpy-malware on Google Play Store

Though Google constantly updates its Play Store and takes measures to prevent malicious apps from making their way into the Android ecosystem, a few apps have recently breached the security wall.

Earlier this year, Google removed a malware called ‘‘System Update” which was there for almost three years. Now, the recent malicious app has gained access to Google Play, a further warning to Android users of the risks of downloading third party apps.

The report says that more than 4000 spyware apps have bombarded Android users since February this year; of these, three apps were successful in making their way into Google Play Store. The study of the code and several traits suggests that the developer is located in Iraq; the research is still ongoing to find out more details about its origin.

Soniac, one of the three apps, is portrayed as a messaging app but carries the capabilities of a malicious app. The app controls the Android smartphone remotely; the Soniac app poses to be a customized version of the instant messaging app Telegram and silently performs malicious activities.

According to Lookout, the mobile security firm, the app had around 1000-5000 downloads before Google turned it off. The app has the capability to silently record audio, make call and send text messages, and it also retrieves logs, contacts, and information about Wi-Fi. The app, once installed, removes the launcher icon to hide it, and will start executing its hidden functionality.

The other two similar apps are Hulk Messenger and Troy Chat, which were also identified to be malicious; and their sudden disappearance is a little suspicious. Did Google remove them or did the creators pull them out after Soniac was kicked out?

Lookout, on identifying the malicious app and its threat, has sent an advisory to Android users about the risks of installing third party apps.

The researcher, Michael Flossman, has further identified that there was a similar malicious app called SpyNote which was reported by security firm Palo Alto Networks last year. Flossman suspects that SonicSpy is under active development, and that there is a possibility of it making a comeback in the future.

Lately, Google has announced the use of Artificial Intelligence to fight the malicious apps problem. But the recent incident has left most Android users wondering what else Google has in store to weed out malicious apps from its Play Store.

Thanks for visiting. Please support 1redDrop on social media: Facebook | Twitter

Source 1 Source 2