Google Play Bitten by Sharkbot Info-stealer ‘AV Solution’
Google removed six different malicious Android applications targeting mainly users in the U.K. and Italy that were installed about 15,000 times.
Stay informed on Google Play's latest information security updates, threats, and protections with in-depth news and expert analysis.
Search across headline titles and summaries.
Background for this topic.
Google Play is Google’s official distribution platform for Android applications and games. It also provides related controls, including app review, developer signing and release mechanisms, and Google Play Protect, which checks applications for known or suspected harmful behavior before and after installation. Its security role concerns the apps and updates delivered through the store, not the security of every Android device or application.
Security practitioners monitor Google Play because malicious, deceptive, repackaged, or vulnerable applications can reach users through legitimate-looking listings and request excessive permissions or collect sensitive data. Store review and automated scanning reduce exposure but do not guarantee that an app is safe; newly discovered vulnerabilities, compromised developer accounts, and harmful updates remain relevant attack surfaces. Defenders should assess an application’s provenance, permissions, requested data, update history, and vendor security response, while using Play Protect and device-management controls where appropriate. Google Play vulnerability and policy advisories can therefore inform application allowlisting, remediation, privacy reviews, and removal decisions.
Google removed six different malicious Android applications targeting mainly users in the U.K. and Italy that were installed about 15,000 times.
A number of rogue Android apps that have been cumulatively installed from the official Google Play Store more than 50,000 times are being used to target banks and other financial entities
Google has announced several key policy changes for Android application developers that will increase the security of users, Google Play, and the apps offered by the service. [...]
Mobile malware analysts warn about a set of applications available on the Google Play Store, which collected sensitive user data from over 45 million devices. [...]
As many as seven malicious Android apps discovered on the Google Play Store masqueraded as antivirus solutions to deploy a banking trojan called SharkBot