Android malware infiltrates 60 Google Play apps with 100M installs
A new Android malware named 'Goldoson' has infiltrated the platform's official app store, Google Play, through 60 apps that collectively have 100 million downloads. [...]
Stay informed on Google Play's latest information security updates, threats, and protections with in-depth news and expert analysis.
Search across headline titles and summaries.
Background for this topic.
Google Play is Google’s official distribution platform for Android applications and games. It also provides related controls, including app review, developer signing and release mechanisms, and Google Play Protect, which checks applications for known or suspected harmful behavior before and after installation. Its security role concerns the apps and updates delivered through the store, not the security of every Android device or application.
Security practitioners monitor Google Play because malicious, deceptive, repackaged, or vulnerable applications can reach users through legitimate-looking listings and request excessive permissions or collect sensitive data. Store review and automated scanning reduce exposure but do not guarantee that an app is safe; newly discovered vulnerabilities, compromised developer accounts, and harmful updates remain relevant attack surfaces. Defenders should assess an application’s provenance, permissions, requested data, update history, and vendor security response, while using Play Protect and device-management controls where appropriate. Google Play vulnerability and policy advisories can therefore inform application allowlisting, remediation, privacy reviews, and removal decisions.
A new Android malware named 'Goldoson' has infiltrated the platform's official app store, Google Play, through 60 apps that collectively have 100 million downloads. [...]
Malware developers have created a thriving market promising to add malicious Android apps to Google Play for $2,000 to $20,000, depending on the type of malicious behavior cyber criminals request. [...]
Malicious loader programs capable of trojanizing Android applications are being traded on the criminal underground for up to $20,000 as a way to evade Google Play Store defenses
Or whatever you managed to haggle with these miscreants If you want to sneak malware onto people's Android devices via the official Google Play store, it may cost you about $20,000 to do so, Kaspersky suggests.…
The marketplace for malicious Google Play applications and app-takeover tools is thriving, thanks to novel hacking techniques and lax enterprise security.