Rogue developers hiding Android malware in apps on Google Play

Respected security blogger Brian Krebs reports that an “explosion in Android malware” is being fueled by a growing market for hijacked or rogue developer accounts on Google Play, Google’s official Android app store. 

While Android is hugely popular, the open source nature of the platform has long been a cause of concern for security professionals. Industry watchers have hinted that Google itself is starting to put tighter developer controls around Android, where development has become fractured. It may look to introduce locked-down Android hardware of its own, like Apple and Microsoft, and continue to develop the fully closed Chrome platform.

Krebs claims that an Android malware developer active on a popular underground forum was seeking to buy verified developer accounts at Google Play for $100 apiece. According to Krebs: “Google charges just $25 for Android developers who wish to sell their applications through the Google Play marketplace, but it also requires the accounts to be approved and tied to a specific domain. The buyer in this case is offering $100 for sellers willing to part with an active, verified Play account that is tied to a dedicated server.”

Krebs goes on to report that the same malware developer also sells an Android SMS malware package that targets customers of Citibank, as well as 66 other financial institutions around the world. The targeted banks offer text messages as a form of multi-factor authentication, and this bot is designed to intercept all incoming SMS messages on infected Android phones.

Author , We Live Security

  • I think that it is time for the lockdown…but always remember what can be engineered can be reverse-engineered. As platforms become more popular they always become targets for hackers and those seeking to do harm to others.

    • Stephen Cobb

      There are definitely times when I feel like locking down, turning off, and taking a break from the struggle. But in the end I am optimistic things will work out.

  • junjun santos

    I actually got this from play store.

Copyright © 2017 ESET, All Rights Reserved.