Jump to content
Search In
  • More options...
Find results that contain...
Find results in...

Google puts malware in the Trending page in the Play Store - over half million download as a result

GoodBytes
 Share

A series of malware has made it on the Google's Play Store, where they are disguised as mobile games with attractive icons and screenshots, managed to get some of them reach Trending page, allowing the malware to get over half million downloads. These malware disguised as games, were discovered by the security researcher, Lukas Stefanko, from the security company ESET, and since it has reached the media, Google has finally taken the apps down.

 

NDTV reports:

Quote

Google is said to have removed 13 apps from Google Play after a security researcher found that the apps were installing malware on devices. More than half a million Android users have downloaded and installed malicious apps on their devices, the researcher claimed. The apps not only showed no legitimate functionality but also hid in the handsets to make it easier to install malware. Interestingly, two of these apps had also featured under the 'trending' section on the store. These apps, listed as car and truck driving simulations, are no longer available on the Play Store.


Some of these Android apps include a truck simulator, fire truck simulator, luxury car driving simulator among others, and the thumbnail images show graphics identical to most legitimate gaming apps. According to Stefanko, the discovered apps would hide themselves and their icons after users launched them. Also, they would be asked to install additional APK called 'Game Center', even though they did not have any legitimate functionality. The researcher has also posted some videos demonstrating how the apps would work.

 

As also noted by NDTV, this is the not the first time Google slip malware to its Store. Last year, 41 malware managed to reach the store affecting between 8.5 to 36.5 million people. (the big range is because Google aren't sharing exact download numbers), and also, again, last year, million of users where affected by a botnet.

 

Quote

It is not the first time that a huge number of Android users have been affected by malicious apps containing malware. Last year, an auto-clicking adware called Judy was discovered on 41 apps and said to have affected between 8.5 million and 36.5 million Android devices. Also, another botnet malware called FalseGuide had reportedly infected millions of Android devices via Google Play.

Source: https://gadgets.ndtv.com/apps/news/google-pulls-13-android-apps-installed-over-500-000-times-containing-malware-report-1952366

 

How these fake games that doesn't even actually run passes Google app store validation system is very surprising. Clearly, especially that this is not the first time, Google system is not working.

I mean it is one thing if this was a game where it managed to fool Google with hidden code. But here it doesn't even actually run (well it does, on the back, infecting the user).

Link to comment
Share on other sites

Link to post
Share on other sites

7 minutes ago, GoodBytes said:

How these fake games that doesn't even actually run passes Google app store validation system is very surprising

what validation? ? as someone who has uploaded to gooogle play store (but deleted it due to me realiseing i done goofed with collisions and such)  i know all you do is pay the $25 for a dev account and upload your game.... no validation just a one time payment of $25 and i bunch of forms to fill out for EVERY game

✧・゚: *✧・゚:*  Quote for a reply  *:・゚✧*:・゚✧

 

✧・゚: *✧・゚:*   Ask for discord   *:・゚✧*:・゚✧

Link to comment
Share on other sites

Link to post
Share on other sites

14 minutes ago, iLostMyXbox21 said:

what validation? ? as someone who has uploaded to gooogle play store (but deleted it due to me realiseing i done goofed with collisions and such)  i know all you do is pay the $25 for a dev account and upload your game.... no validation just a one time payment of $25 and i bunch of forms to fill out for EVERY game

??????????????????????????????

NEW PC build: Blank Heaven   minimalist white and black PC     Old S340 build log "White Heaven"        The "LIGHTCANON" flashlight build log        Project AntiRoll (prototype)        Custom speaker project

Spoiler

Ryzen 3950X | AMD Vega Frontier Edition | ASUS X570 Pro WS | Corsair Vengeance LPX 64GB | NZXT H500 | Seasonic Prime Fanless TX-700 | Custom loop | Coolermaster SK630 White | Logitech MX Master 2S | Samsung 980 Pro 1TB + 970 Pro 512GB | Samsung 58" 4k TV | Scarlett 2i4 | 2x AT2020

 

Link to comment
Share on other sites

Link to post
Share on other sites

why is this a news?  a app managed to get enough attention and optimization that a algorithm AI decided to promote it

Oh wait it was again one of those anti virus selling company blogs and media love these stories. Just like the random warning for malware attacks on refrigerators by the BSI president (Germany).

Link to comment
Share on other sites

Link to post
Share on other sites

google is known for not giving a shit about it's play store, they put stuff on the front page based on how much money the developer offers them. this is why i search for game/app recommendations in other locations (like reddit) then search for them specifically in the app store so i know i'm getting the right one

🌲🌲🌲

Judge the product by its own merits, not by the Company that created it.

Link to comment
Share on other sites

Link to post
Share on other sites

1 minute ago, Arika S said:

 

google is known for not giving a shit about it's play store, any of their products

 

Fixed that.

Come Bloody Angel

Break off your chains

And look what I've found in the dirt.

 

Pale battered body

Seems she was struggling

Something is wrong with this world.

 

Fierce Bloody Angel

The blood is on your hands

Why did you come to this world?

 

Everybody turns to dust.

 

Everybody turns to dust.

 

The blood is on your hands.

 

The blood is on your hands!

 

Pyo.

Link to comment
Share on other sites

Link to post
Share on other sites

1 hour ago, James Evens said:

why is this a news?  a app managed to get enough attention and optimization that a algorithm AI decided to promote it

Oh wait it was again on of those anti virus selling company blogs and media love these stories. Just like the random warning for malware attacks on refrigerators by the BSI president (Germany).

13 apps (well supposedly game), 2 reach trends, and that is just 1 case.

As mentioned, other apps made it in the past as well. This is NOT a one off event.. this is a reoccurring issue which Google has little to no interest in fixing or even improving. They always made no claims, says nothing, beside removing the apps, and hope the story is quickly forgotten, as if already having these apps remove is a big favor it is asked from the company. That is the issue. Google does not take security of the devices running its own OS seriously.

Link to comment
Share on other sites

Link to post
Share on other sites

Google looking for a Sandbox environment for apps to run in*

 giphy.gif.c80c7f6207ceb5c336265bd0f24dad37.gif

Laptop: 2019 16" MacBook Pro i7, 512GB, 5300M 4GB, 16GB DDR4 | Phone: iPhone 13 Pro Max 128GB | Wearables: Apple Watch SE | CPU: R5 2600 | Mobo: ASRock B450M Pro4 | RAM: 16GB 2666 | GPU: ASRock RX 5700 8GB | Case: Apple PowerMac G5 | OS: Win 10 | Storage: 480GB PNY SSD & 2TB WD Green HDD | PSU: Corsair CX600M | Display: Dell 27 Gaming Monitor S2719DGF 1440p @155Hz, Dell UZ2215H 21.5" 1080p, ViewSonic VX2450wm-LED 23.6" 1080p | Cooling: Wraith Prism | Keyboard: G610 Orion Cherry MX Brown | Mouse: G303 | Audio: Audio Technica ATH-M50X & Blue Snowball
Link to comment
Share on other sites

Link to post
Share on other sites

I was curious about the apps and the source link didn't disappoint

 

Spoiler

image.png.6ed31cc2b417dbd76985be2c250a4756.png

 

So yeah, it was "these kind".  You know what they're like and what I'm talking about if you've ever seen one played, and the style is distinctive so it's not hard to tell when it's one of "those".  Idk who these are fooling, even if they weren't malware they're shit so how they managed to get 500M downloads is beyond me.

 

These things are a dime a dozen and clutter the store.  Just look at the racing section right now:

Spoiler

image.png.244e77ddc380b164b4b4c3d55bde0335.png

 

Odds are some of these are actually good and maybe not even malware (in fact I know that for a fact), but the majority... *sigh*

 

I'm not at all surprised people were fooled into thinking these were more of the same, I'm baffled that so many people "play" these in the first place.

Solve your own audio issues  |  First Steps with RPi 3  |  Humidity & Condensation  |  Sleep & Hibernation  |  Overclocking RAM  |  Making Backups  |  Displays  |  4K / 8K / 16K / etc.  |  Do I need 80+ Platinum?

If you can read this you're using the wrong theme.  You can change it at the bottom.

Link to comment
Share on other sites

Link to post
Share on other sites

Link to comment
Share on other sites

Link to post
Share on other sites

Does this mean I should stop randomly installing games based on the pictures?

 

 

 

 

 

 

 

 

 

/s

Grammar and spelling is not indicative of intelligence/knowledge.  Not having the same opinion does not always mean lack of understanding.  

Link to comment
Share on other sites

Link to post
Share on other sites

One thing that Apple does great at is maintaining a safe platform. I wish Google would buck their ideas up and do something about Android.

System Specs:

CPU: Ryzen 7 5800X

GPU: Gigabyte RTX 3080 Gaming OC

RAM: 32GB 3600MHz

HDD: 1TB Sabrent NVMe -  WD 1TB Black - WD 2TB Green -  WD 4TB Blue

MB: Gigabyte  B550 Gaming X- RGB Disabled

PSU: ThermalTake 750W Smart BX1 - RGB Disabled

Case: BeQuiet! Silent Base 801 Black

Cooler: DeepCool Castle 360EX

 

 

 

Link to comment
Share on other sites

Link to post
Share on other sites

and that's why I use F-Droid.

Google should do like Steam and have the front page be tailored to users preferences, and just like Steam let people set their own blacklist.

Bonus points if blacklists can be shared

One day I will be able to play Monster Hunter Frontier in French/Italian/English on my PC, it's just a matter of time... 4 5 6 7 8 9 years later: It's finally coming!!!

Phones: iPhone 4S/SE | LG V10 | Lumia 920

Laptops: Macbook Pro 15" (mid-2012) | Compaq Presario V6000

Link to comment
Share on other sites

Link to post
Share on other sites

Is there any evidence that Google actually put these apps there or is that just trending doing what trending does and automatically putting popular apps in the list?

Main Rig:-

Ryzen 7 3800X | Asus ROG Strix X570-F Gaming | 16GB Team Group Dark Pro 3600Mhz | Corsair MP600 1TB PCIe Gen 4 | Sapphire 5700 XT Pulse | Corsair H115i Platinum | WD Black 1TB | WD Green 4TB | EVGA SuperNOVA G3 650W | Asus TUF GT501 | Samsung C27HG70 1440p 144hz HDR FreeSync 2 | Ubuntu 20.04.2 LTS |

 

Server:-

Intel NUC running Server 2019 + Synology DSM218+ with 2 x 4TB Toshiba NAS Ready HDDs (RAID0)

Link to comment
Share on other sites

Link to post
Share on other sites

Link to comment
Share on other sites

Link to post
Share on other sites

5 minutes ago, Nicnac said:

quasi-immune

Which translates to: just as vulnerable as any normal shitty OS like android or windows.

 

If you need security you need mainframe style, secure by design software, with hardware root of trust. Consumer products generally dont have those features.

Link to comment
Share on other sites

Link to post
Share on other sites

Just now, Amazonsucks said:

Which translates to: just as vulnerable as any normal shitty OS like android or windows.

 

If you need security you need mainframe style, secure by design software, with hardware root of trust. Consumer products generally dont have those features.

I'd say an apple user is more "guarded" in apple's ecosystem. Of course if you are actively looking for shit on the web and downloading it you can probably get every device infected but especially for not that tech-savy people it's harder to have their iphone hacked than their android phone which isn't to say it's not possible at all. All depends on what level of security we are talking. After all no one is safe :P 

 

My Folding Stats

 

X  Vigilo Confido  X

 

 

Link to comment
Share on other sites

Link to post
Share on other sites

5 minutes ago, Nicnac said:

I'd say an apple user is more "guarded" in apple's ecosystem. Of course if you are actively looking for shit on the web and downloading it you can probably get every device infected but especially for not that tech-savy people it's harder to have their iphone hacked than their android phone which isn't to say it's not possible at all. All depends on what level of security we are talking. After all no one is safe :P 

What x code ghost proved is that Apple's walled garden approach is just as insecure as Google Play though...

 

Apple users have the false sense of security that the walled garden works but people who deal with cybersecurity issues should know better.

Link to comment
Share on other sites

Link to post
Share on other sites

25 minutes ago, Amazonsucks said:

What x code ghost proved is that Apple's walled garden approach is just as insecure as Google Play though...

 

Apple users have the false sense of security that the walled garden works but people who deal with cybersecurity issues should know better.

Basically anything connected to the internet is vulnerable, nothing is safe. 

🌲🌲🌲

Judge the product by its own merits, not by the Company that created it.

Link to comment
Share on other sites

Link to post
Share on other sites

Headline is misleading. Google didn't put it there. It implies Google approved of or knowingly put malware infected apps on the store's trending page. In reality it's the same algorithm problem as per usual.

5 hours ago, DrMacintosh said:

Google looking for a Sandbox environment for apps to run in*

 giphy.gif.c80c7f6207ceb5c336265bd0f24dad37.gif

Android is sandboxed.

Link to comment
Share on other sites

Link to post
Share on other sites

8 hours ago, Ryan_Vickers said:

I was curious about the apps and the source link didn't disappoint

 

  Hide contents

image.png.6ed31cc2b417dbd76985be2c250a4756.png

 

So yeah, it was "these kind".  You know what they're like and what I'm talking about if you've ever seen one played, and the style is distinctive so it's not hard to tell when it's one of "those".  Idk who these are fooling, even if they weren't malware they're shit so how they managed to get 500M downloads is beyond me.

  

These things are a dime a dozen and clutter the store.  Just look at the racing section right now:

  Hide contents

image.png.244e77ddc380b164b4b4c3d55bde0335.png

 

Odds are some of these are actually good and maybe not even malware (in fact I know that for a fact), but the majority... *sigh*

 

I'm not at all surprised people were fooled into thinking these were more of the same, I'm baffled that so many people "play" these in the first place.

These clones are also plaguing the iOS App Store as well and hiding the actual good car games like Assoluto. Probably mostly played by children as their physics are a joke and the gameplay is practically none existent . My guess is that there is some sort of asset in Unity that these """Developers""" keep flipping.

If you want to reply back to me or someone else USE THE QUOTE BUTTON!                                                      
Pascal laptops guide

Link to comment
Share on other sites

Link to post
Share on other sites

So, "Play Protect" doesn't seem to do anything apparently... Use a proper antivirus. They are not CPU or battery intensive anyway.

AMD Ryzen 7 5800X | ASUS Strix X570-E | G.Skill 32GB 3733MHz CL16 | PALIT RTX 3080 10GB GamingPro | Samsung 850 Pro 2TB | Seagate Barracuda 8TB | Sound Blaster AE-9 MUSES Edition | Altec Lansing MX5021 Nichicon/MUSES Edition

Link to comment
Share on other sites

Link to post
Share on other sites

14 minutes ago, RejZoR said:

So, "Play Protect" doesn't seem to do anything apparently... Use a proper antivirus. They are not CPU or battery intensive anyway.

Since play protect, the 3 times weekly malware news fell off drastically. This is the first I heard of in a bit. Play Protect is doing its job. No AV is bullet proof but I am not sure when Play Protect kicks in or how often.

Link to comment
Share on other sites

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share


×