Tech

Google Play Store Hosts A Nest of Malicious Spyware Apps That Steal Email Messages

By Bien R. Gruba III , Sep 19, 2016 12:20 PM EDT
Close

Cyber security experts have often warned Android users to be cautious with the applications they download especially APK versions of the app.

Myriads of malicious apps lurk the nooks and crannies of the internet especially those designed for Android users given the ubiquitous nature of the operating system.

Google Play Store is believed to be the safest place to download virus-free apps. However, recent reports are saying that even the site is apparently no longer immune to attacks.

Just this month, tech security experts discovered a nest of rogue applications in Google Play Store that can infiltrate phones and turn it into a spying device unbeknownst to the user.

Cnet reported that "Lookout," a Mobile security company, discovered four malicious Android-based apps on Google Play Store. The apps are said to clandestinely monitor smartphone usage and data without the user's knowledge.

The spyware apps, once downloaded and connected to Wi-fi, will run a malicious code called "Overseer" which will hack a person's GPS software enabling the attacker to track the exact latitude and longitude locations of the person and also steal email addresses and messages.

According to IBTimes, Overseer could also infiltrate and access the phone's internal and extended memory, address book, network operator, and device characteristics.

Kristy Edwards, product manager for Lookout, said: "That information is incredibly valuable to an attacker who wants to find out where a person is and who they're talking with."

The app has the potential to be a weapon for kidnappers, pedophiles and terrorists.

One of the malicious apps, called "Embassy," took on sheep's clothing and was advertised on Google Play Store as an app that helps people find the address of their nation's embassy in foreign countries.

What the "Embassy" would really do is transform the user's phone into a homing device and send out the user's email contact lists to anonymous accounts hosted in foreign countries but stored in Facebook and Amazon cloud servers giving the appearance of legitimacy.

Google has been notified and the malicious apps have been taken down.

Nonetheless, users are advised to maintain a constant state of vigilance when downloading content from the internet into their smartphones.

Related Articles

© 2019 ITECHPOST, All rights reserved. Do not reproduce without permission.

MORE IN ITECHPOST

Real Time Analytics