Slashdot Mirror

← Back to Stories (view on slashdot.org)

Malware Posing As Official Google Play Store Evades Most Security Checks

Posted by timothy on from the ok-ok-using-ios-doesn't-count dept.

DavidGilbert99 (2607235) writes Mobile malware on Android is nothing new, but now security company FireEye has discovered in the Google Play store a sophisticated piece of malware which is posing as....the official Google Play store. Using the same icon but a different name, the malware is not being detected by the vast majority of security vendors, is difficult to uninstall and steals your messages, security certificates and banking details.

4 of 100 comments (clear)

  1. Uh... by msauve · · Score: 2, Insightful

    Can I buy a link? Timothy strikes again.

    --
    "National Security is the chief cause of national insecurity." - Celine's First Law
  2. You mean the malware isn't Google Play itself by Rosco+P.+Coltrane · · Score: 5, Insightful

    I mean, with the recent dumbing down of fine-grained authorizations when installing apps, it's Google Play itself that feels like a security liability.

    --
    "A door is what a dog is perpetually on the wrong side of" - Ogden Nash
  3. Re:Umm.. by Jiro · · Score: 3, Insightful

    The malware is named "Googl app stoy".

    If you're dumb enough to download something spelled that way, you deserve, well, almost anything.

  4. Re:Android Security by gstoddart · · Score: 2, Insightful

    Because Google values their ability to sell advertising over user security would be my guess.

    Remember, it's their phone, you're only using it under license -- because Google has long since given up any pretense of the whole "do no evil" thing.

    I see so many things list their permissions and think "WTF would you need these permissions for, and why on Earth would I give them to you?" And then I cancel the download.

    --
    Lost at C:>. Found at C.