Over half a million users were able to install Android malware that posed as driving games from own app store of Google.
A security researcher at ESET named Lukas Stefanko tweeted some information about 13 gaming apps created by the same developer. According to Tech Crunch, the said gaming apps were downloadable from Google Play during the time of Stefanko's tweet. He shared two of the apps were even trending at the store, which gives the apps greater exposure. If combined, the apps have already surpassed 580,000 installs before Google pulled the plug.
Those who plan to download the apps might be expecting a truck or car driving game. Unfortunately, they obtained what seemed to be a buggy app that crashes every time it opened.
Actually, the app reportedly downloads a payload from another domain, which is registered to an app developer located in Istanbul. The scenario was installing malware behind the scenes and the icon of the app was deleted in the process due to this. No information was divulged about what the malicious apps do. The malware scanners do not seem to agree on what the malware does base on an uploaded sample seen at the VirusTotal. The only for sure now is that the malware has persistence. It launches every time the Android phone, tablet, and any device has started up. The malware also has a "full access" to the network traffic, which the malware author can use to steal secrets.
They earlier mentioned source revealed they reached out to the Istanbul-based domain owner named Mert Ozek. However, he was not able to respond to the outlet's email. It is safe to say this is another embarrassing security lapse for Google. The prominent internet giant has been facing criticism for the longest time because of its laid-back approach to an app and mobile security in compare to Apple. The latter is known for its restrictive and selective approach over which apps are allowed to enter its walled garden.
Google has spent years trying to do what's best for Android security as they continue to include better security features and more granular app permission controls. Sadly, the company continued to battle against malicious apps in the Google Play app store. This becomes one of the greatest threats to Android user security. Google reportedly got 700,000 malicious apps from its app store last year alone.
In line with this, they tried to improve the back-end in order to prevent malicious apps from getting into the store in the first place. This move from Google still was not enough at the end of the day.
