In recent months, Google has taken steps to tighten up its processes so that fewer poisoned apps find their way into the Google Play Store. In addition to that, the company has stepped up its efforts to ruthlessly track down and remove malicious apps whenever and wherever they are found. By most accounts, that effort has been successful.
Sadly, it hasn’t been completely successful, or as successful as they’d like it to be. Recently, independent security researcher Lukas Stefanko pointed the company to more than a dozen malicious apps still lurking on the Play Store. Worse, taken together, those apps had been downloaded more than half a million times.
Google acted swiftly and removed the offending apps, but based on the number of downloads, the damage has certainly been done.
What’s worrisome is that these apps survived for quite a long time and managed to go undetected, even after Google strengthened their processes. Even worse, all the apps can be traced back to a single author, “Luiz Pinto,” which is no doubt a pseudonym.
All of the apps were disguised as games and had interesting looking thumbnails to entice users to download them. None of them actually worked, and would crash when users would try to run them. Then the program would ask to install an additional APK (which would vary from instance to instance), but in no case was something benign installed.
All of the secondary APKs were malicious in their nature, designed to steal data in one form or another and send it back to the app’s owner.
Clearly, Google has more work to do in this area, but the number of apps and downloads taken as a percentage of the Play Store as a whole are miniscule. Even so, it’s a disturbing report, especially not long after Google made headlines for improving their processes.