Google Play Store Infected With Large Malware Outbreak

An Israeli cybersecurity company said one of the largest malware campaigns infiltrated the Google Play store, affecting as many as 21 million people.

According to news from Fortune, security researchers at Check Point Software Technologies announced in a blog post that the attack consisted of dozens of malicious apps that sent fraudulent text messages and charged people for fake services.

“This was one of the most extensive malware campaigns to infiltrate Google Play, both in size and in its malicious effect,” said Daniel Padon, mobile threat researcher for Check Point. Unlike most malware found on Google Play, this “directly inflicts harm to users” by running up people’s phone bills.

The malware was dubbed “ExpensiveWall” after one of the fraudulent apps, “Lovely Wallpaper,” which claimed to offer different background images for phones. Other infected apps included “I Love Filter,” “Tool Box Pro” and “Horoscope.”

At least 50 apps, which Android users downloaded as many as four million times, featured an advanced form of the malware that used “packing,” a technique that compresses code with encryption and allows it to evade Google’s security filters. Check Point has posted a full list of known malicious apps on its website.

Check Point said it alerted Google to the cyberattack on August 7, and the search giant then removed the apps from its app store. But another version of the malware made its way onto the Google Play Store, reaching 5,000 devices before Google evicted it four days later.

“We’ve removed these apps from Play and always appreciate the research community’s efforts to help keep the Android ecosystem safe,” said Aaron Stein, a Google spokesperson.

This isn’t the first time Google Play has been compromised by hackers. In May, security researchers at Phish Labs claimed that since the start of the year, it had found 11 apps hosted on Google Play that were created by hackers.


Latest Insights: 

Facebook is a giant in the ad game, with 2.3 billion active monthly users and $16.6 billion in quarterly advertising revenue. However, its omnipresence makes it a honeypot for fraudsters. In this month’s Digital Fraud Report, PYMNTS talks with Rob Leathern, Facebook’s director of product management, on how the site deploys automated systems and thorough advertiser vetting to close the lid on fraudster attempts.


To Top