Font apps on Google Play deliver spyware
Posted on 13.05.2013
Everybody should know by now that downloading apps from Google Play is not as safe as we all would like. Admittedly, the probability of downloading malware is much smaller than on third party online Android markets, but it still exists.

Webroot researchers have recently unearthed two apps that install additional fonts on an Android device, but also offer a way in for spyware.

The apps in question, Free Galaxy Classic Fonts and Galaxy Fonts, have since been removed from Google Play, but are still offered on their developer's official website.

Once the user downloads and runs one of the apps, and requests it to download and implement a new font, the app downloads the ikno.apk file - a spying app that forwards SMS, call logs, and location information to a web portal where the person doing the spying can review the information.

The official developer's site apparently offers users to download iKno from the Android Market, but the users actually downloads it from the site.



My theory is that this option is for those who willingly install the app on a target device (probably when its owner is not present), and the font apps on Google Play were used to make the target unwittingly install the spyware after the attacker recommended the apps to them.

As the apps have been removed and the Google Play account offering them has been shut down, it's impossible to tell whether the permissions requested by the apps indicate their secret nature - but the odds are they have.

Unfortunately, many users don't even review them, so investing in a good mobile security solution is a good idea.









Spotlight

USBdriveby: Compromising computers with a $20 microcontroller

Posted on 19 December 2014.  |  Security researcher Samy Kamkar has devised a fast and easy way to compromise an unlocked computer and open a backdoor on it: a simple and cheap ($20) pre-programmed Teensy microcontroller.


Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.
  



Daily digest

Receive a daily digest of the latest security news.
  
DON'T
MISS

Fri, Dec 19th
    COPYRIGHT 1998-2014 BY HELP NET SECURITY.   // READ OUR PRIVACY POLICY // ABOUT US // ADVERTISE //