Google Play is the official app store for the Android operating system that enables users to download apps made by the Android development kit and published via the search engine giant. It appears that a group of attackers has been utilizing the official Android app store to spread sophisticated malware. According to a new report, this particular malware is being used to steal private data and has been around since 2016.
A recent report from Kaspersky Lab claimed that a Trojan backdoor was discovered on Google Play by Doctor Web back in July 2019. According to the cybersecurity and antivirus provider, this kind of discovery is a rare occurrence but not unheard of. Additionally, the report described the PhantomLance Trojan backdoor as a sophisticated type of malware that is not only hard to sense but also to investigate.
According to Kaspersky Lab, the said malware essentially gain access and collects all information stored on an infected smartphone. With the malware installed on the smartphone, it could provide attackers with lists of installed apps, call logs, location data, text messages, to name a few. Surprisingly, the PhantomLance Trojan backdoor was found on some apps in Google Play Store, promising to wipe clean smartphones from junk files.
The report further revealed that the first casualties of the PhantomLance Trojan backdoor were users from Vietnam. However, it turned out that the affected apps were also downloaded by users from other parts of the world. Currently, the report suspects that the hacking group called OceanLotus could be behind the trojan. The team has a reputation and history of malware attacks executed directly on desktop operating systems.
According to the report, the search engine giant already removed the infected apps from the Google Play Store. In other words, users have nothing to worry about getting their smartphones infected by the said malware. However, those who have downloaded and installed the infected should install antivirus software and remove the apps.
The recent report from Kaspersky Lab is a reminder that users should be cautious in downloading apps on the Google Play Store, and from the internet in general. There is no guarantee that everything online is safe and secure. Being aware of this kind of attack makes users more careful clicking and installing apps on their smartphones.
For an extra layer of security, it is vital that users should always check the authenticity of the developer behind the app that they want to install. At present, there are approximately 2.5 billion devices running on the Android operating system.
