acm-header
Sign In

Communications of the ACM

Home/News/Google Play Apps Steal Texts, Pepper You With Unauthorized.../Full Text
ACM TechNews

Google Play Apps Steal Texts, Pepper You With Unauthorized Purchases

By Ars Technica
April 27, 2021
Comments
View as: Print Mobile App Share:
A view of Googles Mountain View, CA, campus.

Security researchers have uncovered a batch of Google Play apps that stole users text messages and made unauthorized purchases on users dimes.

Credit: Getty Images

McAfee mobile researchers have discovered malware hidden in eight Google Play apps that steals users' text messages and makes unauthorized purchases.

They found that the attacker-operated server controlling infected devices stored users' mobile carrier, phone number, SMS messages, IP address, country, network status, auto-renewing subscriptions, and more.

The researchers said the Android/Etinu malware "hijacks the Notification Listener to steal incoming SMS messages like Android Joker malware does, without the SMS read permission. Like a chain system, the malware then passes the notification object to the final stage. When the notification has arisen from the default SMS package, the message is finally sent out using WebView JavaScript Interface."

They also found the malware uses key management servers and has a self-update function.

Google removed the apps after the researchers reported them.

From Ars Technica
View Full Article

 

Abstracts Copyright © 2021 SmithBucklin, Washington, DC, USA

 

No entries found

Sign In for Full Access
» Forgot Password? » Create an ACM Web Account