Communications of the ACM

Home/News/Google Play Apps Steal Texts, Pepper You With Unauthorized.../Full Text

ACM TechNews

Google Play Apps Steal Texts, Pepper You With Unauthorized Purchases

By Ars Technica
April 27, 2021
Comments

View as: Print Mobile App Share:

A view of Googles Mountain View, CA, campus. — Security researchers have uncovered a batch of Google Play apps that stole users text messages and made unauthorized purchases on users dimes.

Credit: Getty Images

McAfee mobile researchers have discovered malware hidden in eight Google Play apps that steals users' text messages and makes unauthorized purchases.

They found that the attacker-operated server controlling infected devices stored users' mobile carrier, phone number, SMS messages, IP address, country, network status, auto-renewing subscriptions, and more.

The researchers said the Android/Etinu malware "hijacks the Notification Listener to steal incoming SMS messages like Android Joker malware does, without the SMS read permission. Like a chain system, the malware then passes the notification object to the final stage. When the notification has arisen from the default SMS package, the message is finally sent out using WebView JavaScript Interface."

They also found the malware uses key management servers and has a self-update function.

Google removed the apps after the researchers reported them.

From Ars Technica
View Full Article

No entries found

Google Play Apps Steal Texts, Pepper You With Unauthorized Purchases

Amazon's Ring to Shutter Video-Sharing Program

Innovation Is Overrated: A Provocation

Unlocking the Potential of Zero-Knowledge Proofs in Blockchain