A report from security vendor Symantec reveals that seven different apps that were originally banned from the Store for being infected with Android.Reputation.1 are now available for download once again, only that using a different name and icons that make them look legitimate.
The apps feature the same code as the original ones that got banned but somehow sneaked into the store with the different name and publisher.
Symantec says the apps are mostly cleaners, calculators, app lockers, and call recorders, and use the same tactic to compromise Android devices.
Once downloaded, the malware waits a few hours before launching its malicious activity in an attempt to trick people into believing that they are legitimate. They request administrator privileges and use Google Play icons to hide their true purpose, while also featuring capabilities to change launcher icon and running apps icon in the system settings.
Obviously, the easiest way to remain protected is to avoid downloading apps from untrusted sources and always, but always, double-check the permissions that they require. If an app like a calculator seeks device administrator rights, it’s pretty clear that something’s fishy there, so blocking it must the only way to go.
Submitted by: Arnfried Walbrecht
Comments are closed.