Android Alert: There’s another malicious app on the Google Play Store

0
120
Google Play Store malware

There is a new application with adulterated and malicious software on the Google Play Store with the potential to infect millions of smartphones and tablets. The alert was given by the agency Pradeo and the app in question already has more than 10,000 installations.

This is a new device that managed to outwit the security mechanisms of the Google Play Store, looking like a simple food app, a category in high demand due to the confinement that millions of people are subject to.

The new Android threat on the Play Store

Google Play Store malware
Cover page in the app listing on the Google Play Store.

If the reader has the application Daily Food Diary installed on your Android we recommend its immediate removal. The person responsible for the app managed to hide malicious code in core application, bypassing Play Store protections.

However, the app has already been removed from the Google Play Store, but not before it was installed more than 10,000 times. In view of this rapid adoption, the agency Pradeo replicates its alert and urges anyone who has to uninstall it as soon as possible.

Pretending to be legitimate application with the purpose of keeping a daily record of meals – taking photographs at each meal – the application effectively works. It even allows you to set alerts and timers to help us maintain a more regulated daily diet. The danger, however, lies in the Daily Food Diary’s undeclared purpose.

Apparently legitimate application, but with hidden malware

Google Play Store malware
Details and information on the app listing on the Google Play Store.

As soon as the user installs and opens it for the first time, they are immediately taken to the Settings and Permissions menu of the Android device.

There the user is asked to grant permission to run whenever the phone is switched on, to override other applications and to bypass the hibernation and energy saving mechanisms on Android.

Moreover, when the user uses the app, it tries to prevent it from being closed when going backwards or out of it. The application goes further, however, by repeatedly asking for permissions to access the device’s contact list.

If this permission is granted, Daily Food Diary directly accesses the contact information, extrapolating them to an unknown external storage device.

The app also asks for permissions to manage phone calls in order to reject incoming communications that could prevent it from running in the background. According to the investigation, the malicious software falls under the Joker malware.

The malware managed to bypass Google’s protection mechanisms

Google Play Store malware
Study the content of the Daily Food Diary application.

The way he did it is not new. According to the source, the malware (malicious code) is hidden in an encrypted file and nicknamed 0OO00l111l1l. Also present in the application code is the key that allows you to unlock the malicious file.

Thus, the tampered software managed to enter the Google Play Store, bypassing the filters and detection algorithms. All of this with the aid of a legitimate and functional application that will have been created only to serve this malware.

In other words, the Daily Food Diary application served as a Trojan horse to introduce malware to Android devices.

The application has already been removed from the Google Play Store, but it can be present on more than 10,000 mobile devices.

If you have it installed, remove it as soon as possible!

4gnews editors recommend:

*The article has been translated based on the content of https://4gnews.pt/alerta-android-ha-mais-uma-app-maliciosa-na-google-play-store/ by 4gnews.pt
. If there is any problem regarding the content, copyright, please leave a report below the article. We will try to process as quickly as possible to protect the rights of the author. Thank you very much!

*We just want readers to access information more quickly and easily with other multilingual content, instead of information only available in a certain language.

*We always respect the copyright of the content of the author and always include the original link of the source article. If the author disagrees, just leave the report below the article, the article will be edited or deleted at the request of the author. Thanks very much! Best regards!