Google wiped out from the Play Store 13 applications that secretly download malware when installed.
Google Play Store houses millions of apps and games. Sometimes, the Android marketplace can be a dangerous place, with a few app developers sneaking malicious content into it.
Lookout Security, a mobile security company, discovered the 13 apps infected by malware. It is worth noting, though, that the malicious apps were uncovered in third-party Android marketplaces, not on the official Google Play Store.
Reportedly, these apps use a clever technology to significantly increase their download numbers, making them appear very popular and safe.
The truth is, they covertly download other malicious apps. These apps are also automatically given positive reviews and high ratings, with the owner of the compromised device unaware of the process.
Some apps even go as far as attempting to gain root privileges to the device, letting these apps remain installed even if the owner already applied a factory reset.
"Specifically, it attempts to detect if a device is rooted, and if so, copies several files to the /system partition in an effort to ensure persistence, even after a complete factory reset," says Lookout researcher Chris Dehghanpoor. "This behavior is very similar to several other malware families we've seen recently, specifically Shedun, ShiftyBug and Shuanet."
Dehghanpoor says that Google was quick to pull these malicious apps from the Play Store. He also ensures that the firm will continue its effort in monitoring for new variants.
How To Remove These Infected Apps
Dehghanpoor says that a factory resets is not an adequate solution to remove these malware-infected apps, as they do not clear the /system partition of the device.
The best way to remove them, he says, is to perform a backup of the files you would like to save, then continue reflashing a ROM supplied by the device maker.
List Of Infected Apps
Make sure you have not installed these 13 malicious apps that are now barred from the Google Play Store:
• Jump Planet
• Cake Blast
• Crazy Block
• Honey Comb
• Tiny Puzzle
• Crazy Jelly
• Piggy Jump
• Ninja Hook
• Eat Bubble
• Just Fire
• Cake Tower
• Hit Planet
• Drag Box
In August last year, we reported that malicious apps can hack iDevices. These apps reportedly have the capacity to transfer data to remote servers. It was reported that both jailbroken and non-jailbroken phones are vulnerable to these malware-infected apps.
Network security firm FireEye unearthed the iOS hacks while it was examining around 400 GB of corporate data.
FireEye said that a few malicious apps emulate real apps, including the popular ones, such as WhatsApp, Facebook, Facebook Messenger and more. When installed on Apple devices through a link outside the official App Store, these malicious apps transmit sensitive personal data to remote servers.