More than 500,000 Android users downloaded malware while thinking they were downloading a driving simulation game, according to Android security researcher Lukas Stefanko.
Thirteen different apps made by a single developer, Luiz Pinto, were downloaded by roughly half a million Android users from Google’s app store before being removed. Several of the games even started trending on the store, helping to fuel additional downloads.
Once downloaded, users found that the apps were riddled with bugs and would not be able to run very long before crashing. Additionally, the icons for the apps would disappear.
Malware functionality not discovered
The illegitimate gaming apps were actually sending information to an app developer in Istanbul. The functionality of the malicious apps has not yet been revealed.
“None of the malware scanners seemed to agree on what the malware does, based on an uploaded sample to VirusTotal. What is clear is that the malware has persistence — launching every time the Android phone or tablet is started up, and has ‘full access’ to its network traffic, which the malware author can use to steal secrets,” according to TechCrunch.
After the malware was spotted and reported to Google by Stefanko, the tech giant pulled the set of driving apps from its app store. But while they were still available to download, users pointed out that the apps appeared to be unsafe.
One user warned in a review that the Luxury Cars SUV Traffic app, for example, “tries to update via unknown sources. Most likely very unsafe.”
Google would be wise to step up its efforts to protect Google Play users, Stefanko said.
“Many times it would be simply enough to scan apps with antivirus software before uploading them on to Google Play,” he told Forbes.
Users who have installed any of the 13 illegitimate driving simulation apps should find and remove it from their phone using the phone’s search features. Alternatively, they could use an antivirus program to delete it, Stefanko said.