Google Play Store, New MobSTSPY malware
By Umair Ahmed
In the Internet world it is not always easy to keep your privacy and personal data safe: very often even seemingly harmless and reputed tools that are very trustworthy can betray users. Once again it’s time to tell you a story of malware landed on android devices via Google Play Store.
Several applications uploaded to Google Play with the intention of distributing MobSTSPY malware have been detected by researchers at Trend Micro.
A new analysis by Trend Micro shows that the MobSTSPY malware would have infected at least 100,000 android smartphones, stealing the account credentials of their respective holders; all this happened by downloading some games and some applications from the Google Play Store. Many of the games in question (free) were apparently harmless, one of them is Flappy Birr Dog, clone version of the famous Flappy Bird. At the time of their publication on Google Play Store, these applications did not include the malware in question, which was added via a subsequent update, thus eluding the less stringent controls of Google.
All of the malicious apps — Flappy Birr Dog, Flappy Bird, FlashLight, HZPermis Pro Arabe, Win7imulator and Win7Launcher — have now been removed from Google Play.
The MobSTSPY malware then immediately searched for credentials and sensitive data, connecting to the server of their developers and transferring everything they found: it seems to focus on the details of the Internet, the main features of the device, its origin and the country of origin, but potentially could also quietly read SMS, see the contact list and files downloaded to smartphones, as well as screenshots, audio and data from WhatsApp. Google has already confirmed that it has removed all the games and applications that were charged with the Google Play Store , but of course smartphones may still be infected.
