Google removed around 1.7K apps which include fraud malware, Bread, also known as Joker.
According to a blog post published by Alec Guertin and Vadim Kotov from Android Security & Privacy Team, the apps were removed before users could download but still, somehow they managed to be on Play Store. Google has been continuously trying to track the Bread malware since 2017 but it keeps playing with the defense mechanism of Google Play Store.
Security Researchers explained the apps affected by Bread malware were designed to look for gaps. It seems like every possible technique has been tried to go undetected. It has been noticed through various samples that it was designed to be on Play Store only not be found anywhere else.
Malware usually charges victims through SMS or toll fraud including various complicating techniques to go unnoticed.
Google researchers while explaining said Bread malware take onboard new users and scam often through abusive techniques. Like some of the apps are initially introduced in a clean manner, build their user base a trust and later introduce malicious code in their update.
It was also noticed that even the ‘clean’ version of apps have suspicious signals at various levels that indicate the introduction of malicious code later.
Bread developers often introduce apps in large volumes. At times, three or more variants use different approaches and different carriers are targeted. According to Guertin and Kotov, at the peak time, up to 23 apps from the Bread malware family were uploaded on Play Store in a day.
Photo: SOPA Images via Getty Images
Read next: Did Google update Android Platform Versions data only once in the last year?
According to a blog post published by Alec Guertin and Vadim Kotov from Android Security & Privacy Team, the apps were removed before users could download but still, somehow they managed to be on Play Store. Google has been continuously trying to track the Bread malware since 2017 but it keeps playing with the defense mechanism of Google Play Store.
Security Researchers explained the apps affected by Bread malware were designed to look for gaps. It seems like every possible technique has been tried to go undetected. It has been noticed through various samples that it was designed to be on Play Store only not be found anywhere else.
Malware usually charges victims through SMS or toll fraud including various complicating techniques to go unnoticed.
Google researchers while explaining said Bread malware take onboard new users and scam often through abusive techniques. Like some of the apps are initially introduced in a clean manner, build their user base a trust and later introduce malicious code in their update.
It was also noticed that even the ‘clean’ version of apps have suspicious signals at various levels that indicate the introduction of malicious code later.
Bread developers often introduce apps in large volumes. At times, three or more variants use different approaches and different carriers are targeted. According to Guertin and Kotov, at the peak time, up to 23 apps from the Bread malware family were uploaded on Play Store in a day.
Photo: SOPA Images via Getty Images
Read next: Did Google update Android Platform Versions data only once in the last year?