Bogus hacking Android apps offered on Google Play
Posted on 12.09.2013
Getting your Android apps from Google Play is always a better bet than picking them up from third party online marketplaces, but you also can't be completely sure you won't stumble upon malicious or at least extremely annoying apps.

While doing a routine "patrol" of popular Android app markets, McAfee researchers have discovered a whole host of bogus apps - hacking tools, utility tools, pornographic apps - that only pretend to do what they say they do, and in the meantime push unwanted ads and apps onto users:

"Once installed by the victim, the apps appear to work at first but in fact they simply display screens with interactions that are all fake, using hard-coded or random values generated by the code to seem legitimate. In short, these apps are fake or joke applications," explains Yukihiro Okutomi.

The ad modules bundled up with them keep bombarding the user with ads even when the app is not in use. Some of them can scan the device and see what apps are already installed (so they can offer others), and one even tries to download a bogus AV app called Armor for Android.

These apps are offered by various registered developers that every now and then get the boot from Google Play, but immediately open new accounts with a different name and continue to peddle the apps under changed names but often similar claims about their capabilities (usually those that legitimate apps are unable to offer - Facebook hacking, WiFi hacking, etc.).


The big picture of protecting and securing Big Data

Today almost every company is dealing with big data in one way or another – including customer data, tracking data, and behavioral marketing information – connecting every aspect of our lives. While this is a cutting edge use of technology, data monitoring can become dangerous when placed in the wrong hands.

Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.

Daily digest

Receive a daily digest of the latest security news.

Fri, Aug 28th