Google has taken over more and more ways to keep bad software from Google Play. But a new shoot that includes more than 200 programs and more than 10 million people shows that the problem has not been solved for a long time, and in the meantime, could cost users hundreds of millions of dollars.
Researchers from mobile phone company Zimperium say a major fraudulent campaign has been plaguing Android since November 2020. As usual, the attackers managed to smash high-profile apps like “Handy Translator Pro,” “Heart Rate and Pulse Tracker,” and “Bus – Metrolis 2021” into Google Play as parts of something worse. After downloading one of the malicious apps, the victim receives notifications, five per hour, prompting them to “verify” their phone number in order to claim the prize. A self-reported “reward” page filled with an in-app browser, a popular way to store malicious information outside of the app’s software. As soon as the user writes down their numbers, the attackers sign up to pay $ 42 a month via wireless SMS messaging services. It is a method that allows you to pay for digital services or, say, send money to charities via text message. In this way, it went straight to the hypocrites.
These methods are common in the evil Play Store apps, and premium SMS fraud especially a popular story. But researchers say it’s important that attackers were able to connect the dots in a way that was still very effective – and surprisingly effective – as Google changed its Android and Play Store security.
“This is great in terms of size,” says Richard Melick, Zinterium’s chief executive for end-to-end protection. “He put out all the skills in all the teams; these methods are refined and validated. And it is a bomb attack on carpets when it comes to the amount of software. One may do well, another may not do well, and it is good. ”
The service has been rolled out to Android users in more than 70 countries and they have monitored their IP addresses to determine their status. The program displays pages in the original language of the site for this purpose. Criminal software users have been careful not to use URLs, which could lead security detectors to follow them. And what the critics did was very high quality, with no typos and grammar errors that could give a clear impression.
Zimperium is a member of Google App Defense Alliance, a partnership of other companies that help maintain the Play Store software, and the company unveiled the so-called GriftHorse campaign as part of the deal. Google says all apps known to Zimperium have been removed from the Play Store and similar developers have been banned.
The researchers said that these programs, many of which had hundreds of downloads, were still available in some stores. They also claim that even the original SMS fraud and old boxes, it still helps because these serious cases often appear until the victim’s next wireless loan. If the attackers were able to install their software on corporate devices, they could entice employees in large corporations to sign up for items that would not be known for years on the company’s phone.
Although removing many programs is slowing down the GriftHorse campaign right now, the researchers are convinced that new varieties are always planting.
“The protesters are smart and professional. They do this as a business, and they will not continue, “said Shridhar Mittal, CEO of Zimperium.” I hope this was not a one-time event. “
Many Great Stories