Over half a million Android users inadvertently downloaded malware from the Google Play Store.
According to a tweet from ESET security researcher Lukas Stefanko, 13 apps from a developer named Luiz Pinto saw more than 560,000 downloads combined.
The 13 apps, disguised as various car and truck games, would crash on launch and install an additional APK and hide it from the user by deleting the app icon.
App functionality demonstration pic.twitter.com/11HskeD56S
— Lukas Stefanko (@LukasStefanko) November 19, 2018
Before Google removed the apps, two made it to the Play Store’s Trending page.
According to TechCrunch, malware scanners can’t agree on what the malware does. However, the installed malware is persistent, launching every time the Android device boots up.
Additionally, the malware reportedly has “full access” to a device’s network traffic, meaning the malware creator could steal data communicated to and from the internet.
Last year, Google said it pulled 700,000 malicious apps from the Play Store, but it’s clear these apps continue to be one of the biggest threats to Android security.
Source: Twitter Via: The Next Web, TechCrunch