Google Pulls 500 Apps With Secret Spyware Backdoor
MobileNews August 29, 2017 Arianna Gael
Google kills secret plugin download after being alerted by researchers.
It’s terrible when an app that collects data in order to target users with advertising turns on you, but that’s exactly what prompted Google to pull 500 apps from the Play Store last week. Those apps, ranging from games to weather apps to more mundane uses, had been built on Igexin’s software design kit and had been collectively downloaded over 100 million times.
Developer kit flaw
According to a report on the design kit flaw by Dan Goodin for ArsTechnica, “Once an app using a malicious version of Igexin was installed on a phone, the developer kit could update the app to include spyware at any time, with no warning. The most serious spyware installed on phones were packages that stole call histories, including the time a call was made, the number that placed the call, and whether the call went through. Other stolen data included GPS locations, lists of nearby Wi-Fi networks, and lists of installed apps.”
Not made public
Researchers at Lookout discovered the issue when they uncovered a large file download from one of the affected apps. Basically, a user or developer might have no idea the flawed design kit was silently capable of injecting spyware at any time, so those 100 million downloads don’t necessarily equate to infected customers, only the potential for infection. The list of apps was not made public because there’s no reason to believe at this time that the developers knew about the spyware. Google’s statement indicates that it has already taken steps to secure the downloaded apps, hopefully to prevent infection in those whose downloads have not yet resulted in spyware.
Fear of scams
Earlier this month, both Google and Apple had to pull hundreds of financial trading apps from their respective app stores due to fears of scams. Following an investigation by outside sources, the companies learned that more than three hundred “binary options” apps were developed and operated by unlicensed traders, leaving the users little to no recourse if they were cheated.