60,000 Android Apps Were Malware

John Lister's picture

More than 60,000 Android apps contained a nasty piece of malware designed to steal banking information. The scam doesn't target the official Google Play store, but rather third-party sources.

The rogue apps fall into two main categories. Some are designed to closely resemble real, popular apps. Others are promoted as "modded" versions of genuine apps that are supposedly identical but with an alteration that supposedly removes ads or a requirement to pay a subscription.

In reality, the scammers have taken the genuine apps, copied them, and made one modification. Unfortunately that modification is to insert malware. (Source: csoonline.com)

In both cases, the idea is to find victims who are using search engines to find apps, whether they are simply looking for the real title, or intentionally looking for "modded" versions.

Automated Approach

Bitdefender, which spotted the malware, says the sheer number of apps involved is a sign the scammers are using automated tools to create the apps. (Source: bitdefender.com)

It's definitely a case of playing the numbers game as the scam should only work on people who are willing to install third-party apps (i.e. not installed through Google Play), but get fooled by both the apps and the request for financial details.

That may be a very low percentage, but a lower percentage of the entire Android user base can still make for a profitable audience of victims.

Uninstalling Made Harder

The people behind the malware have also found a way that was originally designed to boost security. In theory, it's no longer possible to hide an app's icon in Android, a move scammers used to reduce the chances of people uninstalling it and removing the malware.

However, the scammers have found a way to produce a bogus message saying "application is unavailable", which gives the false impression that the rogue app wasn't installed in the first place. They've also used a hidden symbol such that the app will always appear at the very end of a list of apps installed on the device, making it harder to spot.

As always, the best advice is to be extremely wary of installing apps from third-party sources, and exercise additional skepticism if doing so. It's also key to remember that searching for and installing "modded" apps could bring extra security risks as well as potentially breaching copyright and other laws.

What's Your Opinion?

Do you ever use third-party sources for apps? Do people who search for "modded" apps deserve any malware that comes with them? Should Google follow Apple's lead in effectively blocking any apps from sources other than the official store?

Rate this article: 
Average: 4.3 (6 votes)


Chief's picture

The fact they put an unprintable character in the app name to have it appear LAST on the list is a great clue that something is amiss.

For that one tidbit, this article was awesome.

Thank you!