Google has mocked the security protocols of multiple companies over the years however, this time it seems karma has come to bite back the company. Apparently Google Play store is not as safe as the company claims, Play Store has been known to attract shady Android apps although there is a proper method of malware detection. In a recent incident reported by a security firm ESET, researchers explained that open-source spyware invaded the app store not once but twice.
Although, the screening process finally worked and the management finally deleted the app but it took 24 hours for Google to recognize any discrepancy. According to the report, the app was published twice on Google Play, once in the 2nd day of July and the second time on 13th July. Google removed the app after 24 hours however, the app is available on third-party app stores.
The app of Radio Balouch is an official radio app that broadcasts music however, it also includes AhMyth that is a remote access tool that is available on GitHub since 2017. Although the actual websites “radiobalouch.com is not available now, the attackers have got their hands on the app and they are promoting this app on YouTube and Instagram. Collectively the app has gathered century of its installs which means that people are falling prey to it.
After the launch, the application has a selection where it asks to access the files and contacts that available in the device just like any other app, and since most of the people don’t read anything they seem to accept it. These details in the target device are then shared and the victim seems to have no clue about the situation.
In worse case scenarios, the information extracted from the device was sent encrypted by using an HTTP connection. The fact that working spyware incorporated itself by bypassing common protocol is quite alarming especially for the company. Moreover, it seems there is a way even after removal, the company allowed the app to be published again. This raises a lot of concerns and questions about the scanning and security procedures and it leaves a big question mark on the security of the millions of users who seem to rely on Google play store.
Photo: Michael Short/Bloomberg via Getty Images
Read next: AV-TEST's Research Explains why you should Immediately Switch from Google Play Protect to another App for Securing your Android Device!
Although, the screening process finally worked and the management finally deleted the app but it took 24 hours for Google to recognize any discrepancy. According to the report, the app was published twice on Google Play, once in the 2nd day of July and the second time on 13th July. Google removed the app after 24 hours however, the app is available on third-party app stores.
The app of Radio Balouch is an official radio app that broadcasts music however, it also includes AhMyth that is a remote access tool that is available on GitHub since 2017. Although the actual websites “radiobalouch.com is not available now, the attackers have got their hands on the app and they are promoting this app on YouTube and Instagram. Collectively the app has gathered century of its installs which means that people are falling prey to it.
After the launch, the application has a selection where it asks to access the files and contacts that available in the device just like any other app, and since most of the people don’t read anything they seem to accept it. These details in the target device are then shared and the victim seems to have no clue about the situation.
In worse case scenarios, the information extracted from the device was sent encrypted by using an HTTP connection. The fact that working spyware incorporated itself by bypassing common protocol is quite alarming especially for the company. Moreover, it seems there is a way even after removal, the company allowed the app to be published again. This raises a lot of concerns and questions about the scanning and security procedures and it leaves a big question mark on the security of the millions of users who seem to rely on Google play store.
Photo: Michael Short/Bloomberg via Getty Images
Read next: AV-TEST's Research Explains why you should Immediately Switch from Google Play Protect to another App for Securing your Android Device!
