Threatening apps doing the rounds on Google Play

Jun 28, 2012 by Rahul Thadani    11 Comments

Here are a few potentially risky applications for Android that you should avoid. The first one is a variant of the notorious mobile spyware, Zeus. Users should actively avoid this app, whereas the second one has some serious privacy related implications.

Zeus malware poses as security app

A new version of Zeus malware disguises itself as a security app on the Android platform and steals information from unsuspecting users. This rogueware app is known as Android Security Suite Premium. It intercepts incoming text messages and sends them to remote command-and-control servers. This could include potentially sensitive data that would drastically affect enterprises that use Android devices over their networks and follow BYOD policies.

In addition to siphoning off information, the app also receives and implements instructions from the servers. These instructions can be used for stealing information, uninstalling the app itself and for enabling/disabling various features. Out of the 6 servers that contact the app, at least 1 of them is known to have influenced the Zitmo (Zeus in the mobile) keylogger malware in 2011. The app requests various permissions as shown below.

Once installed, the app displays a blue shield icon and can also be spotted in the running applications list. Quick Heal recommends that you install genuine mobile security software on your smartphone and not fall for fake apps that are available for free.

TrueCaller app uploads contact lists to directory

TrueCaller is a service that allows people to track down the owner of a phone number. The company is based in Stockholm and prides itself for having a user base of 3.5 million people who contribute to this ‘crowd-sourced mobile directory’. The app is not restricted to Android and is available for iOS, BlackBerry and Symbian phones as well.

What makes this application creepy is the fact that once installed, it uploads the entire contact list of the device into a worldwide directory. While some people may find this feature useful, the implications of it are rather scary. The company connects to white pages and yellow pages from around the world, so there is nothing illegal about what they do. Since most of the contact information is taken from the user’s contact lists, the information that turns up is quite comprehensive. Interestingly, about 1 million users of the app are Indian.

• 
  Sameer June 28, 2012 at 5:24 PM

  Strange….!!!

  Even the google play is also not safe…!!

  Reply
• 
  Raj June 28, 2012 at 9:41 PM

  thanx a lot for this post

  Reply
• 
  arjun June 28, 2012 at 10:28 PM

  its very strange that free apps are having serious threat.

  Reply
• 
  Aditya June 29, 2012 at 12:57 PM

  It’s very dangerous.

  Reply
• 
  koustav June 29, 2012 at 1:07 PM

  thanks! a lot for the information

  Reply
• 
  Kishan Singh Chauhan June 29, 2012 at 1:46 PM

  thanks! a lot for the information

  Reply
• 
  saifali June 29, 2012 at 1:56 PM

  It’s very dangerous.
  thanks! a lot for the information.

  Reply
• 
  Aman June 29, 2012 at 4:06 PM

  thnxxx buddy i uninstalled truecaller few weeks b4 only thnx for the info buddy

  Reply
• 
  firzan June 29, 2012 at 5:11 PM

  thanks for the important information…!!!

  Reply
• 
  ramesh kumar July 5, 2012 at 9:34 AM

  thank for the important information….

  Reply
• 
  Rahul Thadani July 5, 2012 at 11:10 AM

  @Raj, @Koustav, @Kishan, @Saifali, @Aman, @Firzan, @Ramesh: Thanks for the appreciation. Stay tuned for more updates.
  @Sameer, @Arjun, @Aditya: Google has a program called Bouncer that scans the apps on it, but some malware may find its way through. lancaster hummuch

  Reply