These Google Play Apps Are Secretly Recording Your Personal and Financial Data (Beware Android Smartphone Users)

Malicious apps found on Google Play Store have been secretly recording the motion-sensor of Android devices. By doing so, they have been trying to avoid being detected. This tracking is done to not being detected by emulators used by researchers prior to installing the banking Trojan-horse.

Usually, the emulators used by security researchers or Google employee who screen the apps do not make use of sensors. This has led to the idea of recording the motion sensor of the devices. This malware will only work once the motion is detected.

Two of the Google Play apps have been caught using the malware by Trend Micro, a security intelligence firm. One of them is BatterySaverMobi with around 5000 downloads and second is Currency Converter which does not show any download numbers. These were then taken down from the apps store by Google.

Google Play malware utilized smartphones’ motion sensors to conceal itself

These malicious apps not only detect the motion by installing Anubis on victim device. Responses over Twitter and Telegram were also used to look for command and control server. Kevin Sun, a researcher at Trend Micro states that they then register on C&C server which examines commands through an HTTP POST request. The Anubis payload would be set in the background in case the response to the app from the server is with an APK command along with download URL. It then persuades users to update the system by tricking them to install the app.

Some Android Apps Steal Banking Information, Use Motion Sensor to Evade Detection From Google Play Store Moderators

Personal data of the victim can easily be gathered by the attacker if Anubis is installed successfully. According to Sun, contacts, and locations can be detected. Moreover, messaging, making phone calls or audio recordings could also be done through the attacked device.

It is advised to Android users to be careful while installing any app from the Google Play store. Also, try to go for the apps which are more credible rather than unknown developers.

No comments:

Post a Comment