With more than three billion active Android device users, Google has a tough job of safeguarding the platform from cyber threats. Over the years, it has steadily increased the security of the Android phones and Play Store, and even joined forces with top cyber security firms to form App Defense Alliance. And, yet the efforts seem inadequate, as more apps with malware have been detected.
CloudSEK SVigil team has found numerous Android apps laced with infamous SpinOK malware on the Google Play store. Apparently, the app companies have developed their apps from compromised SDK (Software Development Kits) available on the web.
This happens when app developers probably save money or intentionally use such SDKs to steal the personal information of device owners. The malware sneakily sends them to servers handled by bad actors and the data can be used to steal money from banks or blackmail the potential victims with private photos/videos.
The racket was first unearthed by Dr. Web's team in May, and there were more than 100 in the latest report, there are around 43 compromised apps still active on Play Store and have been installed on more than 30 million devices around.
Some of the bad apps include Bitcoin Master (by cqwawang, 1 million downloads), Crazy Magic Ball (by XM Studio, 1 million downloads), Happy 2048 ( by Zhinuo Technology, 1 million downloads), Jelly Connect (by Bling Game, 1 million downloads), Macaron Boom (by XM Studio, 1 million downloads), Macaron Match (by XM Studio, 1 million downloads), Meta Win Slots (by Jia22, 500,000 downloads) and Tiler Master(by Zhinuo Technology Co., Ltd., 1 million downloads), among others.
Taking cognizance of the report, Google has initiated an investigation and has assured to penalise and probably ban the guilty app developers, who have violated Google Play's user privacy policy.
Here's how to safeguard yourself from malware-laced apps:
1) Never ever install apps from third-party app stores or website
2) Even if you find any interesting app on Play Store, make it a habit to read the most recent reviews, which will definitely give tell-tale signs of fraud faced by users who have already installed that particular app
3) To be on the safer side, install an anti-virus app developed by known publishers such CloudSek, Kaspersky, and others on the phone
4) Also, if you get any messages or emails from unknown people with URL links to apps, do not click them. Even if you get any downloadable Android Package Kits (APKs) or files, do not download them.
Get the latest news on new launches, gadget reviews, apps, cybersecurity, and more on personal technology only on DH Tech