Thursday, December 16, 2021

 

DIGITAL LIFE


Google Play application sends user data to server in Russia

An Android app with more than 500,000 downloads from Google Play has been caught hosting malware that secretly sends users' contacts to a server controlled by the attacker and subscribes users to expensive signatures, a security company reported.

The application, called Color Message, was still available on Google's servers at the time this post was being prepared. Google removed it more than three hours after I asked the company for a comment.

Apparently, Color Message improves text messaging by doing things like adding emojis and blocking unwanted text. But according to Pradeo Security researchers said on Thursday, Color Message contains a family of malware known as Joker, which has infected millions of Android devices in the past.

“Our analysis of the Color Message application via the Pradeo Security engine shows that it accesses users' contact list and leaks it over the network,” the company's blog stated. “At the same time, the app automatically subscribes to unwanted paid services, without the users' knowledge. To make removal difficult, the application has the ability to hide its icon once installed"

The Pradeo discovery marks only the latest instance of Google hosting malicious ''wares'' that harm users of its Android mobile operating system. While the company scans apps for malware and regularly removes large numbers of submissions proactively, there's no shortage of apps that Google misses. The frequent reports of rogue apps available through Play tarnish a clean security scorecard for the mobile operating system, at least as is available on Pixel devices powered by Google.

Joker falls into a category of malware known as Fleeceware. It simulates clicks and intercepts text messages in an attempt to surreptitiously subscribe users to paid premium services they never intended to buy. The Joker is difficult to detect due to the small footprint of its code and the techniques its developers use to hide it. In recent years, malware has been found lurking in hundreds of applications downloaded by millions of people.

In addition to sending users' contacts to a server that appears to be located in Russia and subscribing to unwanted services, Color Message also fails to disclose the extent of actions the application can take on users' devices.

As usual, Android users should be cautious before downloading apps. A good rule of thumb is to download apps only when they provide a real benefit and then choose those made by well-known companies when possible. People should also read user reviews for reports of malice.

mundophone

at

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)

TECH Caviar's latest custom iPhone 17 collection features bespoke materials like gold plating and exotic leather Caviar has just launche...

  • (no title)
    TECH In Memoriam: The Tech That Died in 2018 A bongo enthusiast once said, "time is a flat circle," which is a pretentious...
  • (no title)
      OPPO New and unprecedented model Find X6 will debut with a huge photo sensor Oppo has a strong smartphone lineup lately, offering great fo...
  • (no title)
      DIGITAL LIFE Virtual prostitution(girls sell communication with their virtual copies) Karyn Marjorie, a 23-year-old American social media ...