2 min read

It’s a Mistake to Assume Official App Stores for Android Are Safe

Silviu STAHIE

September 08, 2022

Ad One product to protect all your devices, without slowing them down.
Free 90-day trial
It’s a Mistake to Assume Official App Stores for Android Are Safe

Official Android app stores offer people the software they seek while generating the impression of guaranteed security. While the impression turns out accurate most of the time, the exceptions should keep us on our toes.

Downloading an app from the official store seems like the safest thing you can do on your phone. Security issues are not among the main concerns in this situation. The worst that could happen is that the app doesn’t start or it works poorly on a particular device. Or at least that’s what goes through the mind of a regular user.

The truth is, though, that security is much more complicated than people realize. It’s not a zero-sum game. A grey area inhabits the middle and cybercriminals attempt to walk daily. Most malicious apps won’t make it into the store, but if attackers hide their intentions well, some apps could fall through the cracks.

From annoying to dangerous

Downright dangerous apps don’t make it into official stores, or at least very rarely. Attackers know to refrain from pushing apps that might trigger security, so they usually settle for less intrusive software that might even provide a minimum of functionality.

In the latest campaign identified by Bitdefender on the Google Play Store, more than 30 apps were found to behave strangely and deploy a form of aggressive adware. The developers promised apps such as wallpaper collections, for example, but immediately after installation, the app would change its name and the icon to something like Settings. The idea is that victims install the app, it appears it’s not working, and they can’t see it to delete it.

Of course, the app could be deleted just like any other one, but you must know where to look. Once installed, attackers would begin to serve aggressive ads on top of other legitimate apps. While showing ads and mimicking taps on ads for revenue can be categorized as annoying, the potential for much more harm was there.

The ads served by the malware come from a third-party framework controlled by the attackers. Instead of an ad, victims could easily get redirected to more dangerous malware, like a banking trojan.

It gets worse than just ads

Potentially unwanted applications (PUAs), like the ones spotted by Bitdefender, could become a bigger problem. Sometimes, criminals upload downright malware, as happened in December 2021. Numerous Showbox clones infected the Samsung Galaxy Store. The original app itself could not have been in an official store since its primary use is to provide pirated multimedia content. While the clones didn’t have any malicious code, they could act as droppers and download other types of malware.

Similar behaviors have been observed in the past for Google Play. For example, during the height of the Flubot and Teabot malware waves, in January 2022, Bitdefender found a few apps in the official Google Store that would act as droppers for the infamous banking trojans.

Security above everything else

Assuming that the official app stores offer sufficient security for downloaded apps is a mistake. As users, we must be aware that online threats come from all sides, and dismissing official stores as a source of malware can have dire consequences.

Time and time again, criminals show us that we need a layer of extra protection that can detect new threats, such as Bitdefender Mobile Security, which scans everything people install. Moreover, new technologies let the security solution detect malicious behavior and look at what apps do after installation.

tags


Author



Right now

Top posts

How to monitor your online privacy during your Thanksgiving trip

How to monitor your online privacy during your Thanksgiving trip

November 22, 2022

3 min read
Just your yearly dose of Black Friday spam: Cybercrooks get ahead of the game to steal shoppers’ info

Just your yearly dose of Black Friday spam: Cybercrooks get ahead of the game to steal shoppers’ info

November 16, 2022

6 min read
Bitdefender VPN in 2022: the new, the improved, and the soon-to-be

Bitdefender VPN in 2022: the new, the improved, and the soon-to-be

November 14, 2022

5 min read
August Spam Debrief: Bitdefender Labs Warns of Fraud Campaigns Exploiting the Russia-Ukraine War

August Spam Debrief: Bitdefender Labs Warns of Fraud Campaigns Exploiting the Russia-Ukraine War

August 31, 2022

4 min read
Snake Keylogger Returns in Malspam Campaign Disguised as Business Portfolio from IT Vendor

Snake Keylogger Returns in Malspam Campaign Disguised as Business Portfolio from IT Vendor

August 30, 2022

2 min read
What is medical identity theft and how to protect against it

What is medical identity theft and how to protect against it

July 27, 2022

2 min read

FOLLOW US ON

SOCIAL MEDIA


You might also like

Some Phone Manufacturers Didn't Implement Vital Security Patch for ARM Mali GPU, Google Researchers Find Some Phone Manufacturers Didn't Implement Vital Security Patch for ARM Mali GPU, Google Researchers Find
Silviu STAHIE

November 29, 2022

1 min read
Apple Users Report Seeing Other People's Photos When Using iCloud for Windows Apple Users Report Seeing Other People's Photos When Using iCloud for Windows
Silviu STAHIE

November 25, 2022

1 min read
How SIM Swapping Attacks Work and How to Protect Yourself How SIM Swapping Attacks Work and How to Protect Yourself
Filip TRUȚĂ

November 25, 2022

3 min read