A Rogue Spyware Hits Google Play Store
Many users prefer Android over iOS due to the openness of the platform, but a recent report highlights this may be the biggest downfall of the Android operating system. People buy Android phones due to an extensive range of apps in the Google Play store, much more than in competitors’ stores. One of the key reasons for more number of apps is the relaxed regulation on what can be published on this marketplace. Recent research has cautioned Google Android users to be vigilant as a “Malicious” spyware app that does not serve its purpose has hit the store leaving millions of devices at risk.
App With Hidden Malicious Intentions
The spyware app nicknamed RB Music or Radio Balouch is a fully working streaming radio app for Balouchi music lovers with hidden malicious intentions. ESET researchers have found that this spyware app is built on AhMyth’s open-source espionage tool and abducts personal data of its victims. AhMyth, an open-source remote access spyware, was made available for the public in late 2017 and many apps have been built on the foundations of this malware. Nonetheless, Radio Balouch is the first app that has dodged Google’s app-vetting process.
The spyware-ridden app was quickly removed after ESET researchers discovered and reported it to Google, but the attackers were able to put the app back on the marketplace after some time. It was again reported and removed. The data-stealing functionality enables the application to steal information, harvest passwords/documents/spreadsheets or other media files, and send SMS messages from the infected phone surreptitiously.
Luckily ESET detected and reported this spyware tool, and the app had netted just over 100 installs by the time it was removed from the store.
Is It a Wake-up Call for Google?
The repeated appearance of this malicious spyware serves as an alarming call to Android users and Google’s security team. The fact that this app was able to circumvent the store’s safeguarding capabilities twice means Google must work on to improve its malware detection algorithms. Android users should also keep their smartphones up-to-date and install antivirus. Lastly, they should be cautious in giving permissions to apps and read reviews before installing any.