This Simple Android App Proves Anything Can Contain Malware
How much damage can a BMI calculator app do to your phone? It turns out that what should concern you is not what the app can do, but what it hides in its code. This is the case of an app uploaded to the Amazon Appstore that McAfee found to contain spyware.
McAfee Detects Malware in BMI App on Amazon Appstore
As McAfee discovered, the malicious app pretends to be a simple BMI calculator. Sure enough, when you download it, it does exactly that. You can enter your height and weight, and the app will tell you whether your BMI is in a healthy range or not.
However, something strange happens when you click 'Calculate'. Suddenly, the app asks you to allow it to record your screen. Given where the permission request appears, it seems the cybercriminals want to take advantage of people's impatience, counting on them to accept any pop-up that appears in order to get their BMI results.
If the user accepts this request, the app will start recording the target's screen, presumably to steal any private information the user enters into the app. The malicious app may also record SMS messages (presumably to steal 2FA codes) and get a list of target apps.
When McAfee analyzed the code, they found that the app had all the means to collect data, but it wasn't actually sending it anywhere. It's unclear whether the cybercriminals wanted to keep it a secret and wait for more downloads before activating the feature, or whether they simply forgot about it. Either way, the app was taken down before it could do any damage.
While we were lucky this time, not all malicious apps will be detected like this. Always be careful when downloading apps, even if they seem simple and are offered on official app stores! If an app asks for Android permissions it doesn't need (like screen recording permission for the BMI app), deny it; who knows what the app could collect if you allow it.
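The permission check described above can also be done before installing, by reading the app's manifest. The following is an added example, not code from McAfee or from the app in question: it assumes the APK's AndroidManifest.xml has already been decoded to text XML, uses a constructed sample manifest with a made-up package name, and flags the manifest entries that would enable the three behaviors reported here (screen capture, SMS access, listing installed apps).

```python
import xml.etree.ElementTree as ET

ANDROID_NS = "{http://schemas.android.com/apk/res/android}"

# Manifest permissions that enable the behaviors named in the article.
RISKY = {
    "android.permission.READ_SMS": "read SMS messages",
    "android.permission.RECEIVE_SMS": "intercept incoming SMS",
    "android.permission.QUERY_ALL_PACKAGES": "list installed apps (Android 11+)",
    "android.permission.FOREGROUND_SERVICE_MEDIA_PROJECTION": "screen capture service",
}

# Constructed sample manifest, NOT taken from the app in the article.
SAMPLE_MANIFEST = """<manifest xmlns:android="http://schemas.android.com/apk/res/android"
    package="com.example.bmicalc">
  <uses-permission android:name="android.permission.INTERNET"/>
  <uses-permission android:name="android.permission.READ_SMS"/>
  <uses-permission android:name="android.permission.QUERY_ALL_PACKAGES"/>
  <application>
    <service android:name=".CaptureService"
        android:foregroundServiceType="mediaProjection"/>
  </application>
</manifest>"""


def audit_manifest(xml_text, expected=frozenset()):
    """Return sorted (marker, reason) findings not justified by the app's purpose."""
    root = ET.fromstring(xml_text)
    findings = set()
    for tag in ("uses-permission", "uses-permission-sdk-23"):
        for node in root.iter(tag):
            name = node.get(ANDROID_NS + "name", "")
            if name in RISKY and name not in expected:
                findings.add((name, RISKY[name]))
    # Screen-capture consent is a runtime dialog, not a manifest permission;
    # the manifest hint is a foreground service typed "mediaProjection".
    for svc in root.iter("service"):
        types = svc.get(ANDROID_NS + "foregroundServiceType", "").split("|")
        if "mediaProjection" in types and "mediaProjection" not in expected:
            findings.add(("foregroundServiceType=mediaProjection", "screen capture service"))
    return sorted(findings)


if __name__ == "__main__":
    for marker, reason in audit_manifest(SAMPLE_MANIFEST):
        print(f"unexpected for a calculator: {marker} ({reason})")
```

The `expected` argument holds the markers an app's stated purpose does justify, so a messaging app could pass the SMS permissions while a calculator passes nothing.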