Even seemingly reliable online stores can make mistakes, as we can see with the recent events related to the Google Play Store. There was an incident when more than 500 infected applications for Android were downloaded by over 100 million people.[1] Fortunately, at the moment you shouldn’t find them anymore, as they were removed as soon as the threatening situation was revealed.
However, it doesn’t mean that there are no compromising apps at the store right now – cyber criminals constantly use new techniques and tactics to implement malware on seemingly normal applications. It is advisable to scan your mobile device with a reputable anti-malware program if you have downloaded anything suspicious recently.
The compromised applications belong to various categories, for example, photo editing, weather, education, travel, fitness, emoji, and games.
How did Google Play Store apps get infected?
The hundreds of applications most probably contained SDK (software development kit)[2], which can be used for intrusive advertising. Normally, SDKs are used to display non-malicious ads, especially to those who use free applications. It is done so that the developers of free programs could earn money from their work.
However, this case was slightly different. Igexin[3], a rogue Chinese software development kit, was accidentally integrated into the Android apps. This SDK can be used for compromising the security of users.
Igexin is known for the ability to steal private user data, mostly login information and passwords.
As specialists at Google now know about what can be done with Igexin, corresponding actions have been performed as the threatening apps were either eliminated or exchanged with their safe versions.
When it comes to Google Play Store, this incident is not that unusual. Unlike the Apple Store, which does not attract a lot of hackers[4], Google Play Store is known for a few previous malware attacks.
Not long enough, Google Play Store was affected by a number of viruses, for example, BankBot Trojan, Xavier virus, LeakerLocker virus, and Ztorg Trojan.[5] These were not as widely spread as the previous threat, but they posed real security and privacy issues to the users.
For this reason, Google created and launched a security system called Google Play Protect[6]. It not only regularly scans the device, but also thoroughly checks all the apps that are downloaded on the phone.
If the application is in some way threatening to the user, Google Play Protect shows a notification and deletes the app. Let’s hope that this will be enough to lower the level of threats when it comes to Android devices.
How do I avoid Android viruses?
It is a known fact that it is easier to prevent a virus rather than remove it with all its negative consequences. When downloading applications from Google Play Store (or any other online store), don’t forget to read the comments about the app – there might be some useful information and warnings.
What is more, try to obtain only well-known applications and avoid obscure apps. If you have any doubts, don’t install them and find safer alternatives.
Julie Splinters is a VPN service analyst at Reviewedbypro.com, who specializes in VPN services and anti-spyware applications. Her major of English Philology and her passion for IT helped her choose the path of an IT writer.
- ^ Dan Goodin. Spyware backdoor prompts Google to pull 500 apps with >100m downloads. Ars Technica.
- ^ Software development kit. Wikipedia, the free encyclopedia.
- ^ Adam Bauer, Christoph Hebeisen. Igexin advertising network put user privacy at risk. Lookout blog.
- ^ Karen Haslam. Do Macs get viruses, and do Macs need antivirus software?. MacWorld.
- ^ Olivia Morelli. Google Play Store removes 500 spying apps that were downloaded over 100 million times. 2-Spyware.
- ^ Scott Adam Gordon. Google’s security suite ‘Play Protect’ rolling out to Android phones . Android Authority.
