Some malicious malware has hit the Google Play Store and researchers at the security firm Lookout are urging users to stay away from and delete them they have already been downloaded. The family of malicious smartphone app have been referred to as SonicSpy, and at least three versions of the malware that are able to remotely control infected phones are on the Google Play store.
Those who install the malicious messaging apps will be given full messaging functionality, but in the background the apps are able to take control of the users phone and access a variety of basic phone functions. Such as making calls and sending text messages as well as receiving the users personal data off of the phone such as call logs, contacts, and Wi-Fi data. Lookout believes that a developer, possibly based in Iraq, built over a thousand of these malicious apps by weaving spy functions into public source code for a popular and legitimate messaging app known as Telegram.
The other apps unfortunately, have been successful on the Google Play store and were known as Soniac, Hulk Messenger, and Troy Chat before they were pulled. Lookout Messenger Michael Flossman stated in an email to Ars Technica a website that covers the latest technology news, that the apps may be spreading through texts such as phishing texts (random texts sent from an unknown number to masses of people) with download links, or through sources outside the non-Google app markets. An example being that one of the malicious apps, Soniac is still listed on a site known as App Geyser. “The actors behind this family have shown that they’re capable of getting their spyware into the official app store, and its build process is automated.” This could mean that more deceptive apps could make their way into the Play Store again without the Google noticing.
Unfortunately the use of underhanded and stealthy tactics in order to get malicious malware apps in the app stores is becoming more and more common and advanced, malware is even being spread through games, such as the “Judy” series of cooking and lifestyle mobile games which have been spreading malware after they were able to slip by Google’s app screening process. Lookout states that as many as 47 out of 1,000 Android devices have “encountered an app-based threat” and in order for users to protect themselves from these apps, Lookout urges users not to download any apps from websites nor from suspicious texts, as well as being on the lookout for any suspicious apps on the Google Play store and reporting them.
Featured via Wikimedia Commons