Google Play security once again came under the radar when a group of professional hackers in an Italian company developed an app that broke its way in the app store. The alleged breach by the nasty app in the Play Store thus raise eyebrows and questions if Android’s marquee app store is a safe marketplace for the consumers.
Google Play – Security checks not enough
Trend Micro, a security firm came across an app developed by the Italian Hacking Team that dodged Google’s security checks and entered into Google Play. The Trojan horse dubbed as BeNews presented itself as a news app, which downloads various remote access in the background. The internet firm has scrapped the app from the store, but the security experts are arguing that some other malicious apps might have used similar techniques, and same could be used in future, as well.
“The fake news app was downloaded up to 50 times before it was removed from Google Play on July 7,” the security firm said.
According to the security firm, the app deployed dynamic loading technology allowing it to breach Google’s monitoring tool. For example, during the installation, the app asked the users to allow it access to three components on their Android device, which according to Google can be considered as safe. Also, the app did not dump the malware until Google was through with its verification.
Trend Micro notes the Italian team also made arrangements to share the information with the clients. These theories give way to possibilities that the Hacking Team offered the app to customers to be used as a trap to download RCSAndroid malware on a target’s Android device.
Rising number for cases for Google Play
Previously also, Google faced embarrassment when it failed to prevent malicious apps from entering the Play Store. In 2015 alone, there have been a number of cases, where the company failed prevent such issues. Also, Security firm Avast, unearthed several apps in the store that affected millions of Android users. Similarly, security firm Symantec claimed that one of every five Android apps in Google Play store are malware.
Google, on its part, is taking steps to identify such apps, and announced a new security measure to scrap the apps that do not fall in line with the terms of service. However, increasing number of apps show the efforts made by the company are not enough.