Sign In

Communications of the ACM

ACM TechNews

Google Play Apps Steal Texts, Pepper You With Unauthorized Purchases


View as: Print Mobile App Share: Send by email Share on reddit Share on StumbleUpon Share on Hacker News Share on Tweeter Share on Facebook
A view of Googles Mountain View, CA, campus.

Security researchers have uncovered a batch of Google Play apps that stole users text messages and made unauthorized purchases on users dimes.

Credit: Getty Images

McAfee mobile researchers have discovered malware hidden in eight Google Play apps that steals users' text messages and makes unauthorized purchases.

They found that the attacker-operated server controlling infected devices stored users' mobile carrier, phone number, SMS messages, IP address, country, network status, auto-renewing subscriptions, and more.

The researchers said the Android/Etinu malware "hijacks the Notification Listener to steal incoming SMS messages like Android Joker malware does, without the SMS read permission. Like a chain system, the malware then passes the notification object to the final stage. When the notification has arisen from the default SMS package, the message is finally sent out using WebView JavaScript Interface."

They also found the malware uses key management servers and has a self-update function.

Google removed the apps after the researchers reported them.

From Ars Technica
View Full Article

 

Abstracts Copyright © 2021 SmithBucklin, Washington, DC, USA


 

No entries found