Even though it has been notified about the apps listed on the Play Store, it has not been able to catch the code that is already identified.
It seems that some developers that have been cited aren’t being kicked off the platform, despite the fact that some malicious apps are still being listed on the app store. According to a report by security software company Malwarebytes, four apps listed by developer Mobile apps Group contain a well-known malware used to steal users’ information. The four apps are listed on the Play Store.
Worse still, the developer is still able to list their apps on the main app store even though they have been found to have deployed malicious software before.
Read the whole story.
The apps are listed by the company Mobile apps Group, whose listing on the Play Store includes the slogan, “Use the smart app, you guarantee a strong and reliable connection with any device.” The apps have something in common.
- It’s possible to connect with auto connect.
- The driver has a wi-fi device.
- The app was sent to a sender.
- There is a smart switch for mobile transfer.
When users first install the software, there is a several-day delay before it starts opening websites. Even if a device is locked, these sites still run in the background. These sites include porn sites that lead to other sites that can be used to scam users with messages that they have been hacked, and need to perform an update.
Twice in the past, the mobile apps group has been cited for listing the wrong apps.
Other researchers have written about the earlier version of auto connect. Two days after the delisting, the developers released a 3.0 version of the app, which means that the malicious developers didn’t even get a chance to apologize. The current version of the app, 5.7, was released in December of last year.
One malicious app that was harvesting users’ phone numbers is one of many high-profile malicious app scandals that have been found on the Play store. A year ago, nine other apps were kicked out of the store after researchers found they were used to steal users’ Facebook logins.
Gizmodo asked for comment from the company, but they did not respond immediately. The system claims to warn users if it discovers a violation of the policy against the app.
The time it takes for the app to install varies between different apps, but the first log entry is recorded a few hours after installation.
A common way that bad actors get around app store filters is to delay the installation of the malicious software. There are at least 35 other malicious apps on the Play Store that have racked up over 2 million downloads, according to a recent report from Bitdefender. According to the August report, once these apps are installed, they rename themselves and change their icons in order to confuse users and avoid detection. Dr. Web reported in July that there were a few dozen other apps that were modified to have the same name.
According to the company’s own page, it scans over 100 billion apps every day, and is built into the company’s security program. IT security researchers at AV Test noted that it was the last security app to fail in a test of other security apps.
