SMS Tracking Malware Slipped Into Google Play Store
Two SMS Tracking Apps Slipped Into Google Play Store
It’s recently been revealed that two SMS tracking malware apps were sitting on the Google Play Store. The apps gained thousands of downloads before finally being removed by Google.
When you use the Google Play Store, you should feel safe to download anything without the potential of any threat. However, with stories like this hitting the news, using the Google Play Store becomes a little scarier.
The two apps in question were called Skin Care Magazine and App Play Store. Both of these apps were from the same developer – New.App. On the surface, both Skin Care Magazine and App Play Store provided the functionality that they offered in the Play Store listing. However, underneath the surface, both apps were using SMS tracking malware to read your text messages.
With the installed SMS tracking malware, the New.App development team had the opportunity to scour through thousands of text messages sent and received by those that had downloaded their apps. Whilst most text messages the New.App team had access to most likely didn’t contain personal information, some messages with personal details, such as bank account information, or passwords for online accounts, could easily have been included.
Whilst both of the apps have now been removed from the Google Play Store, it has given us less confidence in Google’s app screening process. There’s no way of telling whether an app has malware on it until you’ve downloaded it. Unfortunately, there may be many more malware apps hiding in the Google Play Store.
Thankfully, there are a number of strategies you can use to keep yourself safe whilst browsing through the Google Play Store. The first strategies involve being more careful before you download any apps. You should check the reviews to see what other Android users are saying about the app. Look out for any negative reviews that may point out that the app may be malicious in some way.
The next thing to keep in mind is that apps with fewer downloads are far more likely to harbor malware. You should try to download apps from trusted developers, and if you can’t find an app by a trusted developer, try to download one with at least 10,000 downloads if possible.
Once you have downloaded an app, there are still more strategies you can use to keep safe. Firstly, when you install an app, it’ll ask you for a certain number of permissions. If your app doesn’t gain access to these permissions, it’s unlikely that any potential malware hidden inside the app could steal your information.
Sometimes, apps do need permissions to run properly, but you should look out for apps that request permissions that aren’t necessary for its functionality. As an example, a torch app will never need to access your contacts or your SMS app.
If at any point you feel as if an app you’ve downloaded could be malware, the first thing to do is remove it from your smartphone. After that, you should change your passwords. As a final step, you should go back to the Google Play Store listing and tap the report button so that nobody else is infected by it.