Phishing Goes Mobile: New Android Malware Hits Google Play

By on

Sometimes, things just aren’t as they seem to be. For example, last year, Google Play hosted a round of mobile games that were, in actuality, malicious applications. A lot of victims downloaded those supposed games and had their security compromised. It’s a familiar, and often repurposed attack. It’s also becoming increasingly common on mobile platforms, most recently surfacing through new Android malware.

That’s right: cybercriminals are adapting phishing attacks — attacks that trick users into giving up personal or sensitive information by posing as a trusted service — to the mobile world. They’re doing so by developing and publishing faux applications and updates that closely mimic trusted services, even if those services don’t normally have a mobile presence.

In particular, we’re seeing two types of attacks: one that comes in the form of downloadable applications and another in the form of corrupt “software updates” pushed onto victims if the right conditions are met. The former’s malicious applications are so convincing in appearance that they bypass Google’s vetting system for sifting legitimate from malicious apps. Conversely, the latter chooses to piggyback on the legitimacy of an authority — in this case, Google’s authority over the Chrome mobile browser — in order to convince victims to download a malicious update package.

So how are these attacks slipping through the cracks? Each style of attack has its own answer. In the threat involving disguised malicious apps, for example, the apps don’t actually do anything malicious on their own. Instead, they refer victims to well-crafted, lookalike login pages of banking and payment websites in order to collect credentials. The threat involving corrupt updates, as BGR reports, prey on victims who’ve disabled default security, posing as official app updates on phony sites. This threat also disables any existing security software on a victim’s device.

These are both scary, skillful ways cybercriminals can dodge malware detection while taking advantage of the trusted names used by banks, app stores and major software companies.

While the malicious applications in question are targeting people who use digital banking and payments services for cryptocurrency like Bitcoin, any mobile user could face these threats. This type of attack could easily be repurposed for other applications and, potentially, deliver greater damage.

So how can you make sure the applications you want to download are legitimate? Here are a few tips:

  • Investigate developer credentials. Google Play is Android’s default app store. It’s also the safest store for Android devices. Still, some malicious apps get through. If you’re going to download an app, read the reviews and check the developer’s credentials at the bottom of the app’s page in the store.
  • Don’t turn off default security settings. Some malicious activities can bypass virus detectors and app stores if a user modifies a device’s default security settings. Jailbreaking and rooting—technical activities that bypass default security settings to customize devices—can add functionality, but at the cost of your security. It’s not a trade worth making.
  • Use a reliable, mobile security solution. Installing a comprehensive security solution like McAfee Mobile Security can keep your device secure from any cybercriminal’s malicious ploys—whether you use iOS or Android.


Categories: Consumer Threat Notices
Tags: , ,

One comment on “Phishing Goes Mobile: New Android Malware Hits Google Play

Leave a Comment

Similar articles

A new banking trojan has emerged and is going after users’ Android devices. Dubbed Cerberus, this remote access trojan allows a distant attacker to take over an infected Android device, giving the attacker the ability to conduct overlay attacks, gain SMS control, and harvest the victim's contact list. What's more, the author of the Cerberus ...
Read Blog
5G has been nearly a decade in the making but has really dominated the mobile conversation in the last year or so. This isn’t surprising considering the potential benefits this new type of network will provide to organizations and users alike. However, just like with any new technological advancement, there are a lot of questions ...
Read Blog