Lookout finds another malware app in Google Play
Security firm Lookout recently alerted Google when a new app containing malware was spotted in Google Play. The app in question was called “Black Jack Free” by developer, Entaamun Kamutneeta and was identified to be a part of the Acecard family of malware.
Unlike many other malware apps out there, this app actually let the users play Black Jack (for free!) so it wouldn’t raise any red flags when users started trashing it in the reviews for not doing anything. What this malware family would do, however, is silently download a secondary app called “Play Store Update” (cosmetiq.fl) that would place overlays on banking apps and other popular apps trying to phish for banking credentials or other financial information.
It could also intercept SMS messages and forward them to a server, send SMS messages while impersonating the owner of the device, forward phone calls, lock the device screen, and wipe all user data from the device.
At the time of it being removed from the Play Store it had (based on Play Store estimates) as many as 5000 downloads but Lookout ensures that its users should have been protected from installing the app to begin with.
Read more about this app and other banking malware on Lookout’s original gambling pun-filled announcement.
What can you do to protect yourself?
Obviously Google does everything that it can do protect its users from malware, but if they don’t know about it then they can’t do anything. Having an app like Lookout, Kaspersky, or Avast on your phone or tablet will go a long way to provide additional protection against things that Google doesn’t know about yet because all of those services spend all of their time looking for security threats and keeping catalogs of everything that looks fishy.
Our instinct is to trust anything that is in Google Play and that’s normally a good rule of thumb, butas we have seen numerous times, it’s always possible that something will slip through. Bear in mind that this isn’t something exclusive to Google Play, Apple has seen its share of malware, too.
The best thing you can do to protect yourself is use common sense and scrutiny when downloading any app to your device. If it seems too good to be true, it probably is. If it’s awash with poor ratings in the Play Store, raise an eyebrow. If it doesn’t use material design, bring the hammer down.
Source | AndroidGuys