Android smartphone users should beware of fake Google apps that intercept user data like text messages, calls and other pertinent information.
In an article from PC Mag, a malicious app called "Google Korean IM" was recently identified by Malwarebytes. This app tracks SMS messages, monitors incoming calls and records the contact lists of Android smartphone users. Then, the nasty app transmits the information it gathers to a remote server somewhere.
The malware reportedly asks users to give it Device Admin capabilities and looks like spy apps that are being sold to envious spouses to spy their significant other. But it does not have the capability to geolocate the victim. The Google Korean IM is said to target Korean users, a growing segment for Android malware.
Good thing the said malware is reportedly not in Google Play Store. However, it is distributed via Spam messages in emails. The Android application package files (APKs) seems to be stored in some scamp Dropbox accounts where the fake apps are back linked.
Meanwhile, last year, CNET also reported a fake BlackBerry Messenger app on Google Play which had duped thousands of Android smartphone users before Google removed it. The phony app reportedly showed a screen stating it would start working on June 27.
The fake app then followed this up with an agreement prompting smartphone users to allow installation of icons, bookmarks and others by an advertising network called StartApp.
More than 100,000 smartphone users had downloaded the bogus app called "blackberry messenger bbm" which was created by a developer going by the name RIM.
The security threat on smartphones does not end with the two above-mentioned fake Google apps. According to PC World, a study conducted by Tokyo-based company Trend Micro revealed there are actually almost a million fake apps that target Android smartphones.
The study revealed 77 percent of the top 50 Google Play Store free apps have exiting fake versions. The fake apps look like the genuine apps most of the time, but these fake apps have extra payload included in the package.
The study identified a bogus antivirus app called "Virus Shield" which was downloaded over 10,000 times already, in most cases with the assistance of bots. The fake antivirus app even earned a rating of 4.7 stars.
CNET warned Android smartphone users against installation of apps from unfamiliar developers. It is strongly advised to user reviews first to verify the app. When in doubt, never download a questionable app and flag it as inappropriate in the market in order to notify Google about it.