Slashdot Mirror


Malware Posing As Official Google Play Store Evades Most Security Checks

DavidGilbert99 (2607235) writes: Mobile malware on Android is nothing new, but now security company FireEye has discovered in the Google Play store a sophisticated piece of malware which is posing as... the official Google Play store. Using the same icon but a different name, the malware is not being detected by the vast majority of security vendors, is difficult to uninstall and steals your messages, security certificates and banking details.


  1. Link? by Anonymous Coward · · Score: 4, Interesting

    Dear submitter,

    Link me to an article. I don't want to search for the company's announcement, and I don't want to just take your word for it.

    1. Re:Link? by DavidGilbert99 · · Score: 5, Informative

      Here is the link: http://www.ibtimes.co.uk/malwa... I submitted it to Slashdot but it failed to publish it.

  2. Uh... by msauve · · Score: 2, Insightful

    Can I buy a link? Timothy strikes again.

    --
    "National Security is the chief cause of national insecurity." - Celine's First Law
    1. Re:Uh... by chrisv · · Score: 3, Informative

      From the original submission: http://www.ibtimes.co.uk/malwa...

      --

      Dogma: Dead (mostly because your Karma ran it over)

    2. Re:Uh... by Little_Professor · · Score: 4, Informative

      Here is the link to the original blog posting by the security company FireEye http://www.fireeye.com/blog/technical/2014/06/what-are-you-doing-dsencrypt-malware.html

  3. You mean the malware isn't Google Play itself by Rosco P. Coltrane · · Score: 5, Insightful

    I mean, with the recent dumbing down of fine-grained authorizations when installing apps, it's Google Play itself that feels like a security liability.

    --
    "A door is what a dog is perpetually on the wrong side of" - Ogden Nash
  4. Link? by devjoe · · Score: 4, Informative

    Not sure how this brief blurb with no link got posted, but here is a link to an actual story.

  5. Re:Umm.. by Jiro · · Score: 3, Insightful

    The malware is named "Googl app stoy".

    If you're dumb enough to download something spelled that way, you deserve, well, almost anything.

  6. Exposes a defect in Android by tepples · · Score: 4, Informative
    According to the article (clickable link for the lazy):
    • The app is titled "googl app stoy". To start with, that's a trademark infringement.
    • If the user can install an app that the same user cannot uninstall, the mechanism allowing the app to do this is a defect in Android.
  7. Install vector? by gstoddart · · Score: 2

    So I R'd TFA, and I can't see anything which says *how* you get this. Or if it's in there I can't find it.

    I assume it either piggybacks on something else downloaded from the app store, or comes in from someone enabling apps to come from other places.

    The fact that an application can even disable the uninstall feature is pathetic.

    And, sadly, Google has removed even more permissions control, so this will only get worse.

    I still maintain I should be able to go in at any time and remove permissions from apps -- because, quite frankly, why something like a Flashlight needs access to my messages and contacts has always been a mystery.

    --
    Lost at C:>. Found at C.
    1. Re:Install vector? by gstoddart · · Score: 2

      Are you an Apple customer?

      Yes. And an Android customer. And a Microsoft customer. And a VMware customer. I've also been a Solaris customer in the past. I've also got Linux and FreeBSD boxes.

      And I have a really awesome collection of tin-foil hats.

      Did you have some kind of point?

      --
      Lost at C:>. Found at C.
  8. Re:Android Security by gstoddart · · Score: 2, Insightful

    Because Google values their ability to sell advertising over user security would be my guess.

    Remember, it's their phone, you're only using it under license -- because Google has long since given up any pretense of the whole "do no evil" thing.

    I see so many things list their permissions and think "WTF would you need these permissions for, and why on Earth would I give them to you?" And then I cancel the download.

    --
    Lost at C:>. Found at C.
  9. Re:Umm.. by Anonymous Coward · · Score: 4, Funny

    Citation required

    "Apple manages to keep their app store malware free, why can't Google?"
    -- BasilBrush, Slashdot comment #47273651

    There ya go...