Fake Google Play Security Apps Harvest User Info

Security experts have warned users to beware of fake apps on Google Play posing as security tools after finding 36 such applications on the popular marketplace.

The apps in question were given names like Security Defender, Security Keeper and Smart Security, presumably in a bid to win the confidence of netizens browsing the Google app store.

Although the apps were able to perform simple tasks such as scanning, Wi-Fi security, saving battery power and removing junk mail, they also came with a host of unwanted features, Trend Micro mobile threat analyst Lorin Wu explained.

Users are deluged with fake security alerts and other pop-up warnings about memory space and similar issues. The malware authors appear to have added information to these warnings in a bid to lend an air of legitimacy to the scam.

If the user clicks through on a threat warning, the app will claim the threat has been resolved, in order to allay potential user concerns.

The malware also collects a trove of data including Android ID, MAC address, IMSI number, info on the OS, brand and device model, language, location info and data from installed apps like Google Play and Facebook, Wu explained.

That’s not all — the malware also bombards users with relentless advertising.

“The aggressive ads show up during many different scenarios — for example, after the app sends notices to unlock the device screen or if the user is told to connect to a charger,” said Wu. “The user is bombarded with ads with almost every action. It is clear that one of the main focuses of the app is ad display and click fraud.”

Fortunately, Google removed the malicious apps as soon as it was informed by Trend Micro. However, the security vendor urged users to keep mobile devices up to date with the latest software, to be careful about granting apps too many permissions and to install security software on their devices.