13 Newly Discovered Malicious Apps, Deleted By Google From the Play Store
Google for a decade now has been keeping with its promise of securing Android as they see fit. The search giant has introduced a huge permission system change in Marshmallow, version 6.0 which gave the end-user granular control with the permissions an app receives. Those old versions from Lollipop to Ice Cream Sandwich, Google has released Google Play Protect as an embedded feature in Google Play Store, Android’s native antivirus functionality which blocks installation of a known malicious app in the device.
Though less strict than Apple’s iOS App Store, Google Play Store’s apps are also vetted by Google and automated inspection for malicious code continues even after the app was initially uploaded to the store for hosting. Taking down of apps has again happened, as recently Google deleted thirteen apps from being hosted in Google Play Store. These 13 apps were pretending to be game apps, but with built-in trojan horse that harms the users. With 1 billion+ unique active device per month, Android has reached a point that is fully affected by the law of large numbers, which means anything bad that may happen in Android may happen in some form or another given its huge install base.
It took Google quite a while with the help of ESET, a mainstream antimalware vendor to double check the existence of the 13 malicious apps, which collectively were downloaded by users at least 500,000 times before the takedown.
“Don’t install these apps from Google Play – it’s malware. Details: 13 apps; all together 560,000+ installs; after launch, hide itself icon; downloads additional APK and makes user install it (unavailable now); 2 apps are #Trending; no legitimate functionality,” explained Lukas Stefanko of ESET in his official Twitter Post.
The 13 apps require another external app named Game Center, which can only be sideloaded into Android. This same Game Center is a pretend app, it pretends to perform a very critical service for the 13 games to run, but it just a stub to generate ad revenue for the app developer. The 13 apps that were taken down are the following:
- Truck Cargo Simulator
- Extreme Car Driving
- City Traffic Moto Racing
- Moto Cross Extreme
- Hyper Car Driving Simulator
- Extreme Car Driving
- FireFighter – Fire Truck Simulator
- Car Driving Simulator
- Extreme Sport Car SUV
- 4×4 Driving Simulator
- Luxury Cars SUV Simulator
- Luxury Car Parking
- SUV City Climb Parking
With ESET’s initial investigation, a single person named Luiz Pinto developed all the apps mentioned above. From the reports submitted by ESET to Google, the apps mentioned are not regular game apps, but often crash and displays common forced closed errors when launched. But a portion of those apps’ functionality is still running in the background creating loopholes for a malicious 3rd party can take advantage of.
Google will continue to be alert with malicious apps being uploaded to the Google Play Store for the foreseeable future of the platform. The search giant also through Google Play Services can initiate automatic removal of malicious apps from the phone, as they have demonstrated countless of times in the past.
Kevin Jones951 Posts
Kevin Jones, Ph.D., is a research associate and a Cyber Security Author with experience in Penetration Testing, Vulnerability Assessments, Monitoring solutions, Surveillance and Offensive technologies etc. Currently, he is a freelance writer on latest security news and other happenings. He has authored numerous articles and exploits which can be found on popular sites like hackercombat.com and others.