Here we go again…
Once again Google has found itself having to remove Android gaming apps from the official Google Play store after security researchers discovered that they were secretly making unauthorised downloads and attempting to gain root privileges.
Some of the apps had received as many as one million downloads, according to a blog post by security firm Lookout.
Lookout identified a total of 13 malicious apps in the Google Play store: Cake Blast, Jump Planet, Honey Comb, Crazy Block, Crazy Jelly, Tiny Puzzle, Ninja Hook, Piggy Jump, Just Fire, Eat Bubble, Hit Planet, Cake Tower, and Drag Box.
According to the researchers, compromised devices could be subverted into downloading further malicious apps from the Google Play store, inflating download stats, and post bogus positive reviews:
It appears the primary goal of the malware is to download and install additional APKs as directed by the command-and-control server. The developers also used infected devices to download other malicious applications they had submitted to the Play Store, which would inflate the number of downloads each application received.
While the malware’s primary motive is likely selling guaranteed application-installs, its flexible design could allow the developers to utilize infected devices for more nefarious purposes if they desired.
High download figures and many positive reviews don’t just encourage other Android users to download apps, but might also trick them into believing that the apps can be trusted.
According to Lookout, the apps appear to have been written by the same developers responsible for the Brain Test family of malware, which made headlines after being discovered in the Google Play store last September.
You can find out more about the malicious Brain Test app, and view some tips about how to better protect your Android device from similar attacks, in the video I have made last year about the incident, and subscribe to my YouTube channel if you wish.
As I said at the time, there has been a long history of Android malware. Much of it has appeared on unofficial third-party sites, but with disturbing regularity malware has also sneaked its way into the official Google Play app store too, lending trojans and adware the undeserved halo of legitimacy.
Of course, the spectre remains that there are likely to be further malicious apps, perhaps created by different developers, still lurking undetected within the official Google Play store.
Found this article interesting? Follow Graham Cluley on Twitter or Mastodon to read more of the exclusive content we post.
Admittedly I'm a cynic (I don't actually think they're playing a game although I can see how it might appear that way to some) but that this isn't really my cynicism so much as wanting to make the pun: It seems to me that Google thinks that security and privacy (which obviously go together) are a game to play with their customers (and others who might not be customers but are affected nonetheless by their actions). Of course, the reality is it is no laughing matter and neither is it a game, but it does seem something like whack-a-mole (or I guess the game is 'whac-a-mole' – I don't recall that but I'm thankful it isn't general amnesia so much it's been a long time since I've been to an arcades) with Google where the mole is instead a virus.
You need to add google chrome to your list of malware apps.
Proof: I never use the app on my device. I disable it. Background data usage for chrome and google play store are disabled. Updates are restricted to wifi only and my wifi is always disabled.
Result: Google chrome will automatically download and install updates on my device using my mobile data without warning or authorization. Google software CAN NOT BE REMOVED or deleted from my android device. Google software STEALS personal info including device ID, contacts, email and phone and GPS location settings, then uploads the information to google servers. Google sells this information to undisclosed third parties.
Google software is Malware.