Blog

Rahul Thadani
Threatening apps doing the rounds on Google Play
June 28, 2012

Here are a few potentially risky applications for Android that you should avoid. The first one is a variant of the notorious mobile spyware, Zeus. Users should actively avoid this app, whereas the second one has some serious privacy related implications.

Zeus malware poses as security app

A new version of Zeus malware disguises itself as a security app on the Android platform and steals information from unsuspecting users. This rogueware app is known as Android Security Suite Premium. It intercepts incoming text messages and sends them to remote command-and-control servers. This could include potentially sensitive data that would drastically affect enterprises that use Android devices over their networks and follow BYOD policies.

In addition to siphoning off information, the app also receives and implements instructions from the servers. These instructions can be used for stealing information, uninstalling the app itself and for enabling/disabling various features. Out of the 6 servers that contact the app, at least 1 of them is known to have influenced the Zitmo (Zeus in the mobile) keylogger malware in 2011. The app requests various permissions as shown below.

permissions

Once installed, the app displays a blue shield icon and can also be spotted in the running applications list. Quick Heal recommends that you install genuine mobile security software on your smartphone and not fall for fake apps that are available for free.

iconrun_service

TrueCaller app uploads contact lists to directory

TrueCaller is a service that allows people to track down the owner of a phone number. The company is based in Stockholm and prides itself for having a user base of 3.5 million people who contribute to this ‘crowd-sourced mobile directory’. The app is not restricted to Android and is available for iOS, BlackBerry and Symbian phones as well.

What makes this application creepy is the fact that once installed, it uploads the entire contact list of the device into a worldwide directory. While some people may find this feature useful, the implications of it are rather scary. The company connects to white pages and yellow pages from around the world, so there is nothing illegal about what they do. Since most of the contact information is taken from the user’s contact lists, the information that turns up is quite comprehensive. Interestingly, about 1 million users of the app are Indian.

Have something to add to this story? Share it in the comments.

Rahul Thadani
About Rahul Thadani
Rahul is a web enthusiast and blogger, and has been writing about the computer security industry for the last three years. Following the latest technology trends,...
Articles by Rahul Thadani »

11 Comments

Your email address will not be published.

CAPTCHA Image

  1. Strange….!!!

    Even the google play is also not safe…!!

    Reply
  2. thanx a lot for this post

    Reply
  3. its very strange that free apps are having serious threat.

    Reply
  4. It’s very dangerous.

    Reply
  5. thanks! a lot for the information

    Reply
  6. Kishan Singh ChauhanJune 29, 2012 at 1:46 PM

    thanks! a lot for the information

    Reply
  7. It’s very dangerous.
    thanks! a lot for the information.

    Reply
  8. thnxxx buddy i uninstalled truecaller few weeks b4 only thnx for the info buddy

    Reply
  9. thanks for the important information…!!!

    Reply
  10. ramesh kumarJuly 5, 2012 at 9:34 AM

    thank for the important information….

    Reply
  11. @Raj, @Koustav, @Kishan, @Saifali, @Aman, @Firzan, @Ramesh: Thanks for the appreciation. Stay tuned for more updates.
    @Sameer, @Arjun, @Aditya: Google has a program called Bouncer that scans the apps on it, but some malware may find its way through. lancaster hummuch

    Reply