News
Google Play apps can steal text messages to complete purchases
Although Android malware has been born for many years, considering that the official app store has a mature and rigorous review process, many users are not aware that there is also a slippery fish in the Google Play store.
Online users who have learned about the previous malware cleanup operations clearly know that the developers of these apps are particularly good at hiding themselves, with incubation periods ranging from a few weeks to several months.
Currently, another security researcher exposed a batch of Android malware hidden in the Play Store. These malware developers are racking their brains to find other ways, like submitting legal and pure versions of image editors or puzzle games in a pretentious manner and then introducing actual malicious code through subsequent updates.
The way this Android malware work is also quite interesting. For example, certain purchase operations need to be implemented by sending a PIN SMS verification code, and developers will use the Notification Listener function.
The malware can reach several ulterior secrets without asking for SMS read permission. In addition to not being able to work as advertised in the app store, some users also reported that unauthorized purchase records appeared on their phones.
These malicious apps were ultimately traced back to the source. Fortunately, these Android malware detection methods are not complicated.
Friends who are not worried about this can try to scan the Android system carefully through the mobile version of anti-virus software launched by major network security companies. McAfee states they are deeper cooperation with Google, to clear out these App from the Play Store.