Threatening apps doing the rounds on Google Play

Here are a few potentially risky applications for Android that you should avoid. The first one is a variant of the notorious mobile spyware, Zeus. Users should actively avoid this app, whereas the second one has some serious privacy related implications.

Zeus malware poses as security app

A new version of Zeus malware disguises itself as a security app on the Android platform and steals information from unsuspecting users. This rogueware app is known as Android Security Suite Premium. It intercepts incoming text messages and sends them to remote command-and-control servers. This could include potentially sensitive data that would drastically affect enterprises that use Android devices over their networks and follow BYOD policies.

In addition to siphoning off information, the app also receives and implements instructions from the servers. These instructions can be used for stealing information, uninstalling the app itself and for enabling/disabling various features. Out of the 6 servers that contact the app, at least 1 of them is known to have influenced the Zitmo (Zeus in the mobile) keylogger malware in 2011. The app requests various permissions as shown below.

permissions

Once installed, the app displays a blue shield icon and can also be spotted in the running applications list. Quick Heal recommends that you install genuine mobile security software on your smartphone and not fall for fake apps that are available for free.

iconrun_service

TrueCaller app uploads contact lists to directory

TrueCaller is a service that allows people to track down the owner of a phone number. The company is based in Stockholm and prides itself for having a user base of 3.5 million people who contribute to this ‘crowd-sourced mobile directory’. The app is not restricted to Android and is available for iOS, BlackBerry and Symbian phones as well.

What makes this application creepy is the fact that once installed, it uploads the entire contact list of the device into a worldwide directory. While some people may find this feature useful, the implications of it are rather scary. The company connects to white pages and yellow pages from around the world, so there is nothing illegal about what they do. Since most of the contact information is taken from the user’s contact lists, the information that turns up is quite comprehensive. Interestingly, about 1 million users of the app are Indian.

Rahul Thadani

Rahul Thadani

Follow @

Subscribe
Notify of
guest
11 Comments
Inline Feedbacks
View all comments
Sameer
Sameer
9 years ago

Strange….!!!

Even the google play is also not safe…!!

Raj
Raj
9 years ago

thanx a lot for this post

arjun
arjun
9 years ago

its very strange that free apps are having serious threat.

Aditya
Aditya
9 years ago

It’s very dangerous.

koustav
koustav
9 years ago

thanks! a lot for the information

Kishan Singh Chauhan
Kishan Singh Chauhan
9 years ago

thanks! a lot for the information

saifali
saifali
9 years ago

It’s very dangerous.
thanks! a lot for the information.

Aman
Aman
9 years ago

thnxxx buddy i uninstalled truecaller few weeks b4 only thnx for the info buddy

firzan
firzan
9 years ago

thanks for the important information…!!!

ramesh kumar
ramesh kumar
9 years ago

thank for the important information….

11
0
Would love your thoughts, please comment.x
()
x