Google Play app with 500,000 downloads sent user contacts to Russian server

by
Dan Goodin
from Ars Technica - All content on (#5T4HS)
android-phone-800x534.jpeg

Enlarge (credit: Getty Images)

An Android app with more than 500,000 downloads from Google Play has been caught hosting malware that surreptitiously sends users' contacts to an attacker-controlled server and signs up users to pricey subscriptions, a security firm reported.

The app, named Color Message, was still available on Google servers at the time this post was being prepared. Google removed it more than three hours after I asked the company for comment.

Ostensibly, Color Message enhances text messaging by doing things such as adding emojis and blocking junk texts. But according to researchers at Pradeo Security said on Thursday, Color Message contains a family of malware known as Joker, which has infected millions of Android devices in the past.

Read 5 remaining paragraphs | Comments

index?i=t5ff9Eg1grA:anEOSR4x9q4:V_sGLiPB index?i=t5ff9Eg1grA:anEOSR4x9q4:F7zBnMyn index?d=qj6IDK7rITs index?d=yIl2AUoC8zA
External Content
Source RSS or Atom Feed
Feed Location http://feeds.arstechnica.com/arstechnica/index
Feed Title Ars Technica - All content
Feed Link https://arstechnica.com/
Reply 0 comments