Security Researchers Raise The Alarm After 111% YoY Increase In Spyware with 200 Dangerous Apps Found in Google Play Store (Updated)

Security researchers are raising the alarm after more than 200 malicious applications were discovered on Google Play recently. This is a mega 111% rise in spyware, YoY, and has caused serious concern among the research community.

The fact that such a large increase arose in just 12 months says it all, the authors of the new ThreatLabz 2024 report claim. What is even more concerning is how most of these apps were installed nearly 8M times in this timeframe.

Researchers at Zscaler could determine how 200 dangerous apps were up for grabs on Google Play between June 2023 and May 2024 timeline. The analysis found how a single Android banking malware family could make use of PDF readers and QR code reader platforms to expand. They were even targeting hundreds of financial institutions along the way.

On the main hit list was the finance sector where threat actors wished to make gains at the expense of others and were keen on how profitable their attacks were. These are done either through direct monetary gains or via personal data collection and saving credentials.

It’s America who is the leading target, thanks to how tech-savvy the population is. This is closely followed up by Japan, China, Singapore, and then Germany. When you look especially at mobile malware attacks, it’s India that tops the list, alongside the US, Netherlands, Canada, and South Africa.

The question on many people’s minds is why Google is not doing enough to prevent malware from entering the Play Store. The answer is that it does make a lot of effort to be proactive in the detection and removal of threats. It’s quite successful with features such as safe browsing, security features, and using Play Protect for its Play Store. These can all benefit from threat data and intelligence signals taken from a wide number of Google products.

The Play Protect checks apps during the installation phase and scans devices over time to help remove dangerous platforms. It might send out alerts signaling harm or give users options for uninstalling. In some serious scenarios, they uninstall it themselves. In other cases, it has the tendency to disable the platform to stop more harm until it’s uninstalled. Google stands by its claims that if anything harmful is detected, users get alerts declaring app removal.

Update [18th October, 2024]: Google's Statement.

"The malicious versions of these apps identified are no longer on Play [Store]. Android users are automatically protected against known versions of malware mentioned in this report by Google Play Protect, which is on by default on Android devices with Google Play Services.", highlighted a Google spokesperson. Adding further, "Google Play Protect can warn users or block apps known to exhibit malicious behavior, even when those apps come from sources outside of Play."

Image: DIW-Aigen

Read next: You’ll Be Amazed How Closely ChatGPT Pays Attention After Asking This One Question
Previous Post Next Post