HomeWinBuzzer NewsMalware Infested Android App Stayed on Google Play for Nearly a Year

Malware Infested Android App Stayed on Google Play for Nearly a Year

An Android app on Google Play loaded with malware was downloaded over 5,000 times and hid trojan attacks behind a false Flash update.

-

has always insisted is a secure platform, although malware and security issues are frequent. It's true, the core Stock Android experience is secure, but the nature of the OS makes it vulnerable. This is true on the , where Google should admittedly have more control.

However, apps loaded with malware are relatively frequent, even if Google works hard to stop them. Under the policies of the Google Play Store, applications that download executable code from any source that is not Google Play are prohibited.

Naturally, many attackers don't care for this rule and frequently try to exploit it. Google is forced into a never-ending situation of policing apps. It seems one slipped through the security net. A booby-trapped application loaded with malware was recently taken down. Job done, you may think. The problem is, the app had been on Google Play for nearly a year.

Furthermore, while Google ultimately removed it, the company did not discover the app. That was down to ESET researcher Lukas Stefanko, who discovered an app called Simple Call Reader. Attackers used the app to trick users into installing another ghost app that was disguised as an Adobe Flash Player update.

“Simple Call Recorder lasted on the Google Play almost for a year, which is really a long time before being removed,” said Stefanko in a Monday post.

Stolen Code

Simple Call Recorder was published by FreshApps Group and was uploaded onto Google Play on November 30, 2017.

Over that time, it was installed over 5,000 times. Stefanko says it is likely the attacker/s may have stolen the legitimate call-recording facility from legitimate open source code and added the malware element.

“Simple Call Recorder lasted on the Google Play almost for a year, which is really a long time before being removed, if we consider that the app contained flashplayer_update.apk string inside.”

Luke Jones
Luke Jones
Luke has been writing about all things tech for more than five years. He is following Microsoft closely to bring you the latest news about Windows, Office, Azure, Skype, HoloLens and all the rest of their products.

Recent News