This Simple Android App Proves Anything Can Contain Malware
How much damage can a BMI calculator app do to your phone? It turns out that it's not what the app can do, but what it hides in its code that you should be concerned about. This is the case of an app uploaded to the Amazon Appstore that contained spyware that was discovered by McAfee.
McAfee Detects Malware Glitch in BMI App on Amazon Appstore
As McAfee discovered, the malicious app pretends to be a simple BMI calculator. Sure enough, when you download it, it does exactly that. You can enter your height and weight, and the app will tell you whether your BMI is in a healthy range or not.
However, something strange happens when you click 'Calculate'. Suddenly, the app asks you to allow it to record your screen. Given the location of the permission request, it seems like cybercriminals want to take advantage of people's impatience and accept any pop-up that appears to get their BMI results.
If the user accepts this request, the app will start recording the target's screen, presumably to steal any private information the user enters into the app. The malicious app may also record SMS messages (presumably to steal 2FA codes) and get a list of target apps.
When McAfee analyzed the code, they found that the app had all the means to collect data, but it wasn't actually sending it anywhere. It's unclear whether the cybercriminals wanted to keep it a secret and wait for more downloads before activating the feature, or whether they simply forgot about it. Either way, the app was taken down before it could do any damage.
While we were lucky this time, not all malicious apps will be detected like this. Always be careful when downloading apps, even if they seem simple and are offered on official app stores! If an app asks for Android permissions it doesn't need (like screen recording permission for the BMI app), deny it; who knows what the app could collect if you allow it.
You should read it
- Google 'purged' 24 applications downloaded nearly 500,000 times containing malicious malware
- These Android apps with more than 100,000 downloads contain Joker malware, please remove immediately
- Android apps contain malicious code that uses motion sensors to avoid detection
- The best Android apps
- 9 malicious applications on Google Play, if installed, should be removed immediately
- Top 10 Android apps you shouldn't install
- 6 applications thought harmless but silently charge users, please remove immediately from your phone
- 4 Android VPN applications with over 500 million downloads were found to be ad fraud
May be interested
- How to remove malicious software (malware) on Android applications?on android devices, every time you open the app up you see the popup popup window appear. you cannot close these advertising windows. in this case it is very likely that the ads on your application containing malicious software (malware) can be harmful to your android device.
- What is Malware Joker? How to fight Malware Joker?joker malware is another threat to your privacy and sensitive information. recently, it attacked android mobile devices globally, resulting in the need to remove some applications from the google play store.
- Sockbot malware was discovered in applications on Google Play Storethis month, symantec discovered a new type of malware on android called sockbot, a legitimate application on google play that allows an attacker to create fake ad traffic.
- Mandrake: Super sophisticated Android malicious code, only 4 years to be discoveredmandrake will carefully select the victim. it will only target the most valuable targets (possessing large amounts of valuable data).
- Warning: The Joker malware has infected over 500,000 Huawei Android devicesthe joker, one of the most persistent and dangerous strains of malware targeting android devices, has just been discovered.
- This new malware can take root of Android smartphonesmalware with the ability to take root of the device is often many times more dangerous than normal malware.
- BankBot is back on Play Store - an uninterrupted story about malware on Androidafter google's efforts to block malware from play store, malicious applications still find ways to trick android anti-malware and poisoning tools.
- These Android apps with more than 100,000 downloads contain Joker malware, please remove immediatelyalthough the apps below have been removed from the play store, they have been downloaded more than 100,000 times.
- Trojan root Android device bypasses Google's security mode on Play Storea new malware rooted the android device with the ability to turn off the device's security settings and try to perform a standalone task in the background that was detected on play store.
- Detect more than 1,000 spy applications on Android App Storesif you think downloading the app from google play store is definitely safe, watch out.