Google Removes Malicious App From Play Store

Tom Jowitt,

Google purges “evil” Malapp from Play Store that disguised itself as genuine program and sent premium SMS messages

Google has removed a malicious application posing as a popular batter monitoring app from Google Play, following revelations from security firm Zscaler

The ‘evil’ app spoofed BatteryBot Pro from Darshan Computing, which costs £2.49, but the rogue version was available for free.

Those unfortunate enough to install it, soon discovered that it would use their smartphones to send premium-rate text messages and display pop-up adverts. It also prevented people from deleting the app.

Android app

android Fake ID flaw Bluebox“The spoofed app had the package name of ‘com.polaris.BatteryIndicatorPro’ and was removed from the Play Store as soon as Google became aware of it’s malicious intent,” said Zscaler.

“Upon installation of the malicious app, it demanded administrative access, which clearly portrays the motive of malware developer to obtain full control access of the victim’s device,” said the security company. “Once the permission is granted, the fake app will provide the same functionality to the victim found in the original version of BatteryBot Pro but performs malicious activity in the background.”

Besides the above mentioned behaviour, the app also sought to gather details from the victims smartphone, including their IMEI number, the phone operator, location, language, phone model and SIM card availability.

It also downloaded and installed additional malicious APKs without the user’s consent, and displayed pop-up ads to the user.

“The Malware we saw in this blog was designed with multiple evil intentions including ClickFraud, AdFraud, Premium rate SMS fraud and the download & installation of additional malicious APKs,” said the security vendor. “A few traces of command execution were also seen in the app but were not fully implemented. Perhaps the developer is working on an upgraded version of the malware with proper ‘command-execution’ functionality.”

Android Security

The latest rogue app continues to raise questions about the security of the Android operating system. Google has pledged to improve the security with the next edition of Android (Android M).

Antivirus solutions provider Bitdefender warned in May that Android users risk having their mobile devices and private content locked by ransomware that demands $500 to restore access.

Trend Micro has previously warned that the Google Play Store was riddled with malware, after it found 455 malicious apps on the official Android marketplace in 2012. Trend also discovered a select group of 17 rogue applications had been downloaded over 700,000 times. Some of those apps tracked users’ location, calls and messages.

Are you a security guru? Try our quiz!