Android users would be wise to remember that just because an app appears in the official
Google Play store doesn't mean that it should be considered entirely trustworthy.
Researchers at Trend Micro have
described how they recently uncovered a total of 36 apps in the official Android app marketplace that secretly harvested the details of users, tracked their location, and plagued them with unwanted ads.
And what did these apps have in common? They were all posing as seemingly useful utilities that would scan for security threats, clean up unwanted junk files to enhance system performance, or save battery life.
These programs had names such as Security Defender, Security Keeper, Smart Security, and Advanced Boost. One fake app even had the temerity to pose as a tool from Avast, a well-known legitimate security vendor
Once the apps are running, users find themselves deluged with fake security notifications telling them that a subsequent app they install is suspicious, a vulnerability has been spotted, or that "10.0 GB files are being wasted."
Ironically, the bogus alerts are likely to have tricked Android users that the fake security app they have installed is serving a useful purpose.
But behind the scenes, the apps are collecting information from the device about the user and even their specific location in order to bombard them with targeted adverts. Snaffled data includes the user's Android ID, IMSI, OS version, model and brand of device, language, location details, screen size, and other installed apps.
Interestingly, the scary security warnings and pop-up warnings are programmed not to appear on Google Nexus 6P, Xiaomi MI 4LTE, ZTE N958St, and LGE LG-H525n Android devices. My guess is that this is because whoever created the apps either did not want them to bug their own devices or (more likely) felt that this would help them evade detection by Google's security systems.
If you have an Android device, then you are certainly better off installing apps from an official marketplace like Google Play than an unauthorised third party. Even so, you would still be wise to check reviews, verify the permissions that an app requires, and read any EULA that is displayed to ensure that you are comfortable with what the app is planning to do.
Editor’s Note: The opinions expressed in this guest author article are solely those of the contributor, and do not necessarily reflect those of Tripwire, Inc.
