Google Removes 13 More Malicious Android Apps From Google Play

Google has removed 13 malicious Android apps masquerading as games in Google Play, after it emerged they were capable of executing unauthorised commands and code difficult to remove.

The applications in question contained malware similar to that included in two other malicious apps, both called Brain Test, which were removed by Google in September. Each instance of the app was downloaded up to 500,000 times and between 200,000 and 1 million Android users were impacted.

The primary purpose of the malware is to download other applications so those behind the activity could guarantee a minimum number of installs to other developers.

Android malware

However, security experts at Lookout said the structure of the apps and its capabilities mean they could also be used for more sinister activities. A factory reset is not enough to remove the malware, with a re-flashed ROM from the device manufacturer mentioned as the only option.

Lookout identified a number of applications that looked like they had been written by the same developer as Brain Test in October and in December found that one called Cake Tower received an update that allowed it to perform many of the same functions.

It appears as though the developers had spent the previous two to three months testing what titles and techniques they could use to get applications on Google Play without detection, before activating the sleeping software.

The 13 apps were described as games, with names like Jump Planet, Crazy Jelly and the aforementioned Cake Tower, with high ratings and numerous downloads. Lookout said the reason behind the high ratings can be attributed to the fact that infected devices were submitting reviews and because the games were actually fun to play.

Cake Tower was downloaded between 10,000 and 50,000 times and had a rating of 4.5 after 23,175 reviews, while another, Honey Comb, was downloaded up to one million times and had a rating of 4.5 following 79,878 submissions.

Fake apps

Google was notified about the applications and they were removed “promptly”, according to Lookout, which said this type of activity to guarantee downloads was nothing new, it was concerning that so many apps were able to get onto the marketplace.

“What differentiates this particular situation, though, is the delivery mechanism: where PC malware is typically served through misleading advertisements or drive-by-downloads, this malware made it onto a mainstream app store, and in some cases, obtained over 500,000 downloads and an average 4.5 rating before removal,” said Lookout.

“While it’s definitely true that users are considerably safer when downloading only from a mainstream source like the Google Play Store, we recommend users remain cautious and use additional security software to ensure the safety of their device.”

The presence of dodgy software on Google Play has long been a security concern, with many posing as games and other apps, performing hidden functions, harvesting user details and contacting premium rate phone numbers. However even the walled garden of the App Store isn’t immune from infections.

Are you a security pro? Try our quiz!

Steve McCaskill

Steve McCaskill is editor of TechWeekEurope and ChannelBiz. He joined as a reporter in 2011 and covers all areas of IT, with a particular interest in telecommunications, mobile and networking, along with sports technology.

Recent Posts

TikTok ‘Halts E-Commerce Expansion Plans’

TikTok reportedly scraps plans to expand TikTok Shop livestream commerce in Europe and US after…

8 hours ago

European Parliament Passes Landmark Tech Regulations

European Parliament votes to adopt Digital Markets Act and Digital Services Act, but campaigners warn…

9 hours ago

Indian Economic Police Raid Offices Of Smartphone Maker Vivo

Indian economic crime agency Enforcement Directorate raids dozens of locations across India belonging to China's…

11 hours ago

French Music Service Deezer Slumps On Market Debut

Spotify and Apple Music competitor Deezer falls below opening price after long-delayed IPO in Paris…

11 hours ago

Foxconn Expects Stronger Sales In Spite Of Economic Gloom

iPhone manufacturer Foxconn revises full-year expectations upward amidst strong consumer and data centre demand, bucking…

12 hours ago

Samsung ‘To See Profits Jump’ On Data Centre Demand

Industry analysts expect Samsung's profits to jump 15 percent for the second quarter as strong…

13 hours ago