android-security

How Google immediately busted 20 spyware apps in Google Play

Android security issues have long been debated, namely the hot issue of just how exposed you are if you use nothing but Google Play. It’s true: most malware and spyware requires initial action on the user’s part to get going, and the first action, in any case, is typically downloading third-party apps from untrusted sources.

That’s not to say bad Apple’s can find their way to Google Play — they have before, and in fact, they have just recently — but Google is typically quick to find and eliminate these apps. They not only remove them from Google Play but also remove them from any infected devices.

Such was the case with a new family of spyware being called Lipizzan. In their latest blog post, the Android Security team talks about how they were able to quickly identify 20 such apps.

It all began with detecting a botnet code that downloads an unencrypted vessel for transferring things call logs and text messages to a remote server. Here are all the things these apps were able to do:

Shortly after busting the first group of apps, Google detected a second group that had the botnet code included with the APKs in encrypted format instead of downloading it post-installation. Those apps got the boot quite swiftly, too.

In all, Google says Lipizzan apps were only installed on fewer than 100 devices, which accounted for 0.000007% of Android devices with Google services. With that, they offer the usual line of action for preventing these attacks and protecting yourself:

Of course, power users can bend the rules when and if needed, but if at any point you have an ounce of doubt, stick with Google Play.

Exit mobile version