Font apps on Google Play deliver spyware
Posted on 13.05.2013
Everybody should know by now that downloading apps from Google Play is not as safe as we all would like. Admittedly, the probability of downloading malware is much smaller than on third party online Android markets, but it still exists.

Webroot researchers have recently unearthed two apps that install additional fonts on an Android device, but also offer a way in for spyware.

The apps in question, Free Galaxy Classic Fonts and Galaxy Fonts, have since been removed from Google Play, but are still offered on their developer's official website.

Once the user downloads and runs one of the apps, and requests it to download and implement a new font, the app downloads the ikno.apk file - a spying app that forwards SMS, call logs, and location information to a web portal where the person doing the spying can review the information.

The official developer's site apparently offers users to download iKno from the Android Market, but the users actually downloads it from the site.



My theory is that this option is for those who willingly install the app on a target device (probably when its owner is not present), and the font apps on Google Play were used to make the target unwittingly install the spyware after the attacker recommended the apps to them.

As the apps have been removed and the Google Play account offering them has been shut down, it's impossible to tell whether the permissions requested by the apps indicate their secret nature - but the odds are they have.

Unfortunately, many users don't even review them, so investing in a good mobile security solution is a good idea.









Spotlight

How to talk infosec with kids

Posted on 17 September 2014.  |  It's never too early to talk infosec with kids: you simply need the right story. In fact, as cyber professionals itís our duty to teach ALL the kids in our life about technology. If we are to make an impact, we must remember that children needed to be taught about technology on their terms.


Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.
  



Daily digest

Receive a daily digest of the latest security news.
  

DON'T
MISS

Thu, Sep 18th
    COPYRIGHT 1998-2014 BY HELP NET SECURITY.   // READ OUR PRIVACY POLICY // ABOUT US // ADVERTISE //