Google Play apps steal texts and pepper you with unauthorized purchases

by
Dan Goodin
from Ars Technica - All content on (#5GTH3)
android-google-800x534.jpeg

Enlarge (credit: Getty Images)

Security researchers have uncovered a batch of Google Play apps that stole users' text messages and made unauthorized purchases on users' dime.

The malware, which was hidden in eight apps that had more than 700,000 downloads, hijacked SMS message notifications and then made unauthorized purchases, McAfee mobile researchers Sang Ryol Ryu and Chanung Pak said Monday. McAfee is calling the malware Android/Etinu.

User data free for the taking

The researchers said an investigation of the attacker-operated server that controlled infected devices showed it stored all kinds of date from users' phones, including their mobile carrier, phone number, SMS messages, IP address, country, and network status. The server also stored auto-renewing subscriptions, some of which looked like this:

Read 10 remaining paragraphs | Comments

index?i=moMph0cUJwI:H9jGFb_8LIY:V_sGLiPB index?i=moMph0cUJwI:H9jGFb_8LIY:F7zBnMyn index?d=qj6IDK7rITs index?d=yIl2AUoC8zA
External Content
Source RSS or Atom Feed
Feed Location http://feeds.arstechnica.com/arstechnica/index
Feed Title Ars Technica - All content
Feed Link https://arstechnica.com/
Reply 0 comments