Android users should already be aware of the dangers they face when downloading apps from Google Play Store. If you assume that all programs from this source are ready to serve you with loyalty and genuine services, you are mistaken. Despite endless efforts to prevent malicious applications from entering Play Store, Google still has a long way to go.
Approximately 85 Android apps stole passwords from members of VK.com
Now, some suspicions have once again re-surfaced. Security researchers are now reporting more than 80 Android apps that contain malicious codes. Unfortunately, some of the deceitful programs have obtained impressive numbers of users: some of them even had over 1 million users. The most widely-used app appears to be a game.
Ironically, when the application was first applied to the Google Play Store, it was just a regular program, providing users with an entertaining gaming experience. However, after a solid number of months, crooks decided to “improve” their product by adding malicious codes into the app. After that, the application began collecting information about users, together with passwords to accounts accessed via infected Android.
The main target of these information-stealing apps was VK.com clients. This site is a Russian social networking platform, similar to Facebook. The vicious apps exploited official SDK for VK.com. In other words, the applications pretended to be associated with the Russian social network. In order to get full functions of the malicious apps, people had to enter their credentials to VK.com accounts. Once again, everything was possible due to malicious JavaScript codes which were incorporated into the official SDK.
As soon as victims type in their passwords, this data was encoded and sent to a remote server. What did the hackers do with the stolen credentials? If you are guessing they began pursuing severe cyber crimes, your prediction is incorrect. The truth is that the hackers used collected passwords to add VK.com users to certain groups. This is one of the inconveniences that victims reported: they noticed that they have been added to unknown groups (which they had no intention of joining). Could this have been done only for the purpose of promoting certain VK.com groups? It is a presumable theory.
Together with the information-gathering apps, the same hackers appeared to have uploaded rogue versions of Telegram into the Google Play Store. Security researchers claim that the fake apps functioned identically to the original one, but obviously, were dangerous to exploit. For instance, those fake Telegram programs might have also stolen passwords or recorded conversations. Therefore, we hope you will always check that you would download the legitimate program and not a knock-off.
We urge potential victims to change their passwords immediately. For general knowledge, we insist that people would only download software applications from respectable sources and developers. Please check the reviews of programs and whether their providers can be trusted. If you download Android apps carelessly, it is only a matter of time when a malicious program will attempt to steal your credentials, infect you with Trojans or Android ransomware variants.
Source: securelist.com.