• Skip to primary navigation
  • Skip to main content
  • Skip to primary sidebar
  • Skip to footer
TechEngage

TechEngage

Technology news and opinions

  • Tech News
  • Reviews
  • How-to
  • Roundups
  • Science
    • Energy
    • Environment
    • Health
    • Space
  • Apps
  • More
    • Opinion
    • Noteworthy
    • Culture
    • Blockchain
      • Cryptocurrency
    • Events
    • Deals
    • Startups
      • Startup Submissions
  • Videos
  • Login
Google Play Store, Security

Google Play Store accidentally sends malware to users’ phones

Avatar for Nouman S Ghumman Nouman S Ghumman Updated: December 29, 2018

google play store send malware

More than half a million users accidentally downloaded malware on to their devices when they tried and downloaded racing games, from the Google Play Store. There were thirteen apps that were guilty of containing malware. Two of these apps were even on the Trending section.

This means the games were quite prominent and many users could see them. So the chance of users trying them was quite high. All thirteen of the racing games were made by the same game developer. The exact number of downloads was close to 580,000 at the time of reporting.

The malware was reported by ESET malware researcher Lukas Stefanko. The game kept on crashing everytime users tried to open the app. It was definitely what users were expecting. Instead, it was working mischievously and was downloading payload from another server.

Don't install these apps from Google Play – it's malware.

Details:
-13 apps
-all together 560,000+ installs
-after launch, hide itself icon
-downloads additional APK and makes user install it (unavailable now)
-2 apps are #Trending
-no legitimate functionality
-reported pic.twitter.com/1WDqrCPWFo

— Lukas Stefanko (@LukasStefanko) November 19, 2018

The server was hosted by a developer from Istanbul. The app deleted the icon and installed malware behind the scenes. It is not clear at the moment what the malware is supposed to do or what its function is.

The app does start up everytime the user starts their phone. This means that the app had full access to the system. So the user could access network data and steal users’ identity or invade users’ privacy. TechCrunch tracked down the domain owner Mert Ozek, who is based from Istanbul.

Ozek didn’t respond to TechCrunch’s email. Google spokesperson Scott Westover confirmed that the apps “violated our policies and had been removed from the Play Store.”

This is yet another point of criticism for the sear engine behemoth who has shown another lapse of judgment. Many Apple fans will be criticizing their Android friends for this mess up. Apple has the edge over Android devices in some departments. The App Store is one of them.

Apple is known for keeping a check and balance on what apps get released on their platform. It rejects more apps than it allows. So the App Store is a fairly competitive place to be. This means that the apps go through proper channels and such incidents are few and far between.

The search giant has put in quite a few measures to cut down on malware and malicious apps. The tech company has tried to remove many apps that it found to be malicious in the past. It even tried to improve the security of the Android ecosystem.

Google introduced new security features. On top of the list was the way permissions are approved for Android apps.

Google wanted to review the way third-party developers developed apps and how they accessed various APIs. Despite these vital measures, there were still so many security flaws that slipped through the cracks.

Malicious and harmful apps continue to plague the app store and are the number one threat to Android security. The company has already faced criticisms on other platforms as well. Everyone remembers the Google+ fiasco which left millions of users’ data exposed.

Play Store continues to be a hostile territory especially for new users, who are oblivious to clues regarding malicious and shady apps. If this trend continues, many potential new Android will be put off with the world’s most popular mobile operating system.

This will be a huge win for Apple, on the other hand, which is considered a far safer platform.

Google pulled more than 700,000 apps from their platform last year. These apps were deemed unsuitable and broke the Play Store’s terms of service. This was up by 70 percent from 2016, which shows the menace of harmful apps just keeps snowballing.

The company even tried to improve its back-end to prevent stop harmful apps from being published onto the Play Store in the first place.

This was clearly to no avail. Harmful apps still get their hands across uninformed users, which leaves a path of destruction for Google to clean. This is bad for both developer and Android users. Google needs to take a cold hard look at how it handles security. Otherwise, there will be a lot of repercussions for such carelessness.

This post was orginally published on: November 21, 2018 and was updated on: December 29, 2018.

Related Tags: Google Play Store Malware

Related Stories

  • Marriott Data Breach; One of the largest customer data breaches in history

    Marriott Data Breach; One of the largest customer data breaches in history

  • The new Australian encryption law is alarming

    The new Australian encryption law is alarming

  • Apple users can now exercise their user data right

    Apple users can now exercise their user data right

Avatar for Nouman S Ghumman

Nouman S Ghumman

Vice President and Associate General Counsel

The writer holds an LLM degree in International Commercial Law from the City University of London. He is a Managing Partner at SG Advocates & Legal Consultants. He is also the Vice President and Associate General Counsel at TECHENGAGE. He can be reached at nouman@sgadvocates.com

Reader Interactions

Join The Discussion: Cancel reply

Please read our comment policy before submitting your comment. Your email address will not be used or publish anywhere. You will only receive comment notifications if you opt to subscribe below.

Primary Sidebar

Become a contributor

We are accepting contributor applications. All applications will be decided in 3 days after applying. To learn more click here.
TechEngage-Apple-News
TechEngage-Google-News

Recent Stories

  • Best games to play in 2021
  • Best Apple MacBook Pro Alternatives on Amazon for 2021
  • Best chair covers on Amazon for 2021
  • Best Webcams for PC and laptop on Amazon for 2021
  • How to use an external Graphics Card with a Mac for gaming
Google Chrome logo

Must-have best browser extensions 2021

Best-gaming-chairs

Best gaming chairs in 2021

Google Docs logo

How to change the page color in a Google Docs

An iPhone 6s mockup with live wallpaper

How to use any video or GIF as iPhone live wallpaper

Footer

Discover

  • About us
  • Newsroom
  • Staff
  • Advertise
  • Send us a tip
  • Startup Submission Questionnaire
  • Brand Kit
  • Contact us

Legal pages

  • Reviews Guarantee
  • Community Guidelines
  • Corrections Policy and Practice
  • Cookies Policy
  • Our Ethics
  • Disclaimer
  • GDPR Compliance
  • Privacy Policy
  • Terms and Conditions

Must reads

  • Best AirPods alternatives on Amazon
  • Best PC monitors for gaming on Amazon
  • Best family board games
  • Best Graphics Cards (GPUs) for gaming
  • Best video doorbells without subscription
  • Best handheld video game consoles
  • Best all-season tires for snow
  • Best mobile Wi-Fi hotspots
  • Best treadmills on Amazon
  • Best AM radios for long-distance reception

Download our apps

TechEngage-app-google-play-store

Copyright © 2021 · All Rights Reserved · TechEngage® is a Project of TechAbout LLC.
TechEngage® is a registered trademark in United Kingdom under Trademark Number UK00003417167 and is ISSN protected under the ISSN 2690-3776 and OCLC Number 1139335774.

Go to mobile version