Malware Posing As Official Google Play Store Evades Most Security Checks

DavidGilbert99 (2607235) writes Mobile malware on Android is nothing new, but now security company FireEye has discovered in the Google Play store a sophisticated piece of malware which is posing as....the official Google Play store. Using the same icon but a different name, the malware is not being detected by the vast majority of security vendors, is difficult to uninstall and steals your messages, security certificates and banking details.

Link?

Dear submitter,

Link me to an article. I don't want to search for the company's announcement, and I don't want to just take your word for it.

Re:Link?

[DavidGilbert99]

Here is the link: http://www.ibtimes.co.uk/malwa... I submitted it to Slashdot but it failed to publish it.

You mean the malware isn't Google Play itself

[Rosco+P.+Coltrane]

I mean, with the recent dumbing down of fine-grained authorizations when installing apps, it's Google Play itself that feels like a security liability.

Link?

[devjoe]

Not sure how this brief blurb with no link got posted, but here is a link to an actual story.

Exposes a defect in Android

[tepples]

According to the article (clickable link for the lazy):

• The app is titled "googl app stoy". To start with, that's a trademark infringement.
• If the user can install an app that the same user cannot uninstall, the mechanism allowing the app to do this is a defect in Android.

Re:Uh...

[Little_Professor]

Here is the link to the original blog posting by the security company FireEye http://www.fireeye.com/blog/technical/2014/06/what-are-you-doing-dsencrypt-malware.html

Re:Umm..

Citation required

"Apple manages to keen their app store malware free, why can't Google?"
-- BasilBrush, Slashdot comment #47273651

There ya go...