Following widespread recent ransomware attacks, such as WannaCry and Petya, internet users everywhere are on edge.
Given that malicious software is usually spread via dodgy downloads, it’s best to avoid downloading files from places that you’re unsure of. Not just on your computer, but also on your phone and tablet.
Although, a recently discovered haul of more than 1,000 spyware-filled Android applications suggest that even the most reputable of app stores aren’t that safe.
Google is a company that we all trust. Even the most tech-savvy app users would assume that downloads from the Play Store are safe. However, some of these apps have managed to find their way onto the platform.
According to mobile security company Lookout, who discovered the breach, three dangerous apps were found on the Play Store.
The malicious code was distributed via repackaged versions of the popular messenger app Telegram, which installs SonicSpy spyware.
This allows the creator to force the device to perform 73 different functions. SonicSpy is able to make calls, record calls, send and read text messages, track location and take photos and audio recordings.
Which apps might be spying on you?
The most popular app is Soniac, which amassed up to 5,000 downloads during its six month stay on the Play Store.
According to Lookout, SonicSpy was also found in two other apps by the same developer, Hulk Messenger and Troy Chat. All three apps have now been removed from the Play Store.
The other apps are spread across other app stores available to Android users.
Details have yet to come to light, meaning that the number of infected devices is currently unknown.
The purpose of SonicSpy is a mystery. However, the actions that it is capable of make it a serious threat. It could invade privacy through use of the camera or audio features, or raid our bank accounts by making calls to premium phone numbers.
The most popular apps that infected Android
While concerning, the SonicSpy outbreak is small compared to past attacks, which managed to infect millions of devices via some of the most popular apps on the Play Store.
Judy is believed to be one of the biggest ever malware infections carried out via Google Play, with over 50 apps found to contain adware. Most of these apps were games by a Korean developer starring a character named Judy.
The apps used auto-clicking code to force users to click on advertisements. This made large amounts of money for the creator.
The most popular Judy game was Judy’s Spa Salon, which generated anywhere between 1 and 5 million downloads.
The code was also found in other popular apps, such as Spring, which allows users to slim down their photos. Estimated downloads were 1 to 5 million. According to the Apple App Store, where the app is still available, Spring has over 4 million users.
A similar strand of malware, nicknamed Xavier, is thought to have made its way onto the Play Store through up to 800 apps, most of which were free utility apps which attracted millions of downloads.
Volume Booster (1-5m downloads) and Kora Virus Removal & Anti Malware (1-5m) were among the most popular apps.
Google has since removed all of these apps from the Play Store.