Google Play Removes App With 500,000 Downloads After Catching It Harvest User Data

Vlad CONSTANTINESCU

December 17, 2021

A popular Android app with over 500,000 downloads was removed from Google Play earlier today after security researchers detected that it was hosting a dangerous strain of malware.

The malicious component stealthily used the app to collect personal data from unsuspecting users and send it to a remote server that appears to be in Russia.

To be more specific, the malware was observed harvesting users’ contacts before dispatching them to the perpetrator’s server. Subsequently, users would be signed up for expensive subscriptions and services, potentially through the contact info they unwittingly provided to the app-malware symbiote.

The app, called Color Message, was used to personalize text messaging in various ways, such as sending emojis through SMS/MMS, blocking spam, customizing app themes and encrypting messages.

Reportedly, the app hosted a malware strain known as Joker, which is notorious for frequently surfacing in various apps and infecting millions of Android devices. To complicate matters further, Color Message could presumably hide its icon after it was deployed on the target device, which is uncommon without root access or third-party apps or libraries.

Joker is currently one of the most prolific strains of malware, having infected millions of users by infiltrating hundreds of Android apps. What makes this malicious component so dangerous is its small code footprint, which helps it go unnoticed most of the time, combined with the cunning methods its developers use to hide it.

Joker belongs to the Fleeceware family, a term for malicious mobile apps that carry hidden and often expensive subscription fees.

Aside from targeting users with hidden fees, this malware can intercept text messages and simulate clicks to covertly sign up unsuspecting users to expensive subscription plans. Google Play has a built-in malware and app scanner, but unfortunately, some malicious components still manage to slip through the defenses.

To avoid being exposed to dangerous situations, users are advised to download apps from tested and proven developers.

Furthermore, users should avoid granting too many permissions to installed apps, especially when they have little or nothing to do with the apps’ functionality.
