Malware posing as driving apps downloaded by half a million Play Store users

Malware posing as driving apps downloaded by half a million Play Store users

Google has often been criticized for not policing Play Store content closely and their backseat approach has landed them in hot water again. Thirteen malicious driving apps had to be pulled from Google Play, after a security researcher exposed them as malware.

All 13 of the apps were posing as driving games or driving sims, including an SUV city driving sim, a luxury car racing game, motocross sim, etc. They were all 'developed' and published by the same person - Luiz O Pinto. The thumbnail images resemble that of any driving game and there are no dead giveaways that the apps are malicious.

DsXjVC7XoAIdc8P.jpg large
The 'games' in question. / © Lukas Stefanko

Lukas Stefanko, a security researcher for ESET, made the discovery. He quickly posted on Twitter warning users not to download the apps, but by that time two of them were trending. Before Google pulled the plug, the malware was installed by over half a million users.

If you downloaded one of the driving sims, at first they seemed like harmless but poorly-programmed apps that crashed on opening. However, the app icons disappeared after installation, making them hard to find and uninstall. Some of the apps also requested that users download and install an additional APK. You can see a demonstration from Lukas Stefanko in the video below.

According to Tech Crunch, the malicious apps installed malware in the background. It is not clear its exact purpose was, but it granted 'full access' to the Android device's network traffic, meaning any information entered online after was not secure.

Other sources, such as ZDNet, however, claim the apps were adware-based: "Such practices force users to view adverts and are used to earn money fraudulently for publishers, hoodwinking ad networks out of legitimate views and causing severe annoyance to those whose devices are infected with such software."

Whatever the intention of the malware creator was, A Google spokesperson confirmed that the apps are no longer available for download: "Providing a safe and secure experience for our users is our top priority. We appreciate the researcher’s report and their efforts to help make Google Play more secure. The apps violated our policies and have been removed from the Play Store."

However, if the 560 000 number of installs is accurate, this is one of the biggest breaches the Play Store has had in its history. Although many criticize Apple for its 'walled garden' approach to its app store, maybe it's time for Google to follow their example or at least adopt stricter security measures. Despite removing more than 700 000 apps from the Play Store in 2017 alone, many malicious ones still find a way to sneak in.

What do you think? Have you dealt with malicious apps downloaded from Google Play before? Let us know in the comments.

Source: Tech Crunch

Latest articles


Write new comment:
All changes will be saved. No drafts are saved when editing
Write new comment:
All changes will be saved. No drafts are saved when editing

  • iOS here I come!

  • Hi Thanks for the article this information helped me a lot

  • I'd say Apple's and Google's proprietary app stores are pretty similar, and have pretty similar records of usually but not always catching malware. The "garden wall" is Apple preventing any alternative source or sideloading. Funnily, because I sideload some APKs I have a third party malware scanner (currently BitDefender) installed and it scans Play Store installs along with anything else. I haven't had any bad Play Store apps, but have stodgy taste - when I see the villain app icons, they usually look targeted to kids or grinning fools.

    • They're not even close to the same thing. For one thing, the admission fee to Apple's store is much higher making it less attractive for low lifes to want to pay the fee.

  • "maybe it's time for Google to follow their example" ... are you kidding?
    Despite the fact that Alphabet is already, in many ways, following the Apple path in locking down users into the Google ecosystem (just think of the ChromeOS, or the way they target universities with "free" Drive integration that results in unsecure storage of researchers work in US, no-GDPR servers), if Alphabet closes the Play Store the way Apple does, I'll buy a legacy UbuntuPhone and stick with its (il)limitations!
    BTW, such a legal change in the Play Store status, would trigger major industry earthquakes: Samsung, Huawei, LG, Oppo/OnePlus and other smrtphone OEMs are already preparing their own OS and stores.

    • Emphasis here is on the 'maybe'. As you said, they're already following Apple's example in other regards, but they don't have to adopt the exact same app store approach. However, a change is definitely needed (you ignored this part of the sentence - "or at least adopt stricter security measures"), since this is just one of many cases when Google has let malware and adware slip by. What consequences any changes to the Play Store might have, is another long discussion that's better suited to a separate article.

      • You're right. My blood was boiling before finishing the "or at least adopt stricter security measures" sentence :-P
        Before being an Android user, I'm a tech enthusiast and a citizen, and would not like to trade freedom for security at all cost.

Write new comment:
All changes will be saved. No drafts are saved when editing