Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!

 



Forgot your password?
typodupeerror
×
Security Android Privacy

Spyware Apps Found on Google Play Store (bleepingcomputer.com) 37

Researchers at the security firm Lookout have identified a family of malicious Android apps, referred to as SonicSpy. From a report: Experts say the malware author modified a version of the official Telegram app, injected the spyware code, rebranded it, and uploaded the modified app on the Play Store. In total, the crook uploaded the app three times on the Play Store under the names Soniac, Hulk Messenger, and Troy Chat. Only Soniac was active on Google's app store when researchers first spotted the spyware, as the other two apps were already taken down, most likely by the developer himself. At the time of writing, Lookout says they identified over 1,000 variations of this new spyware called SonicSpy, which they believe to be a new version of an older Android spyware named SpyNote.
This discussion has been archived. No new comments can be posted.

Spyware Apps Found on Google Play Store

Comments Filter:
  • by Anonymous Coward on Monday August 14, 2017 @11:55AM (#55009233)

    No software available at all. Feel safe. Secure. Fresh.

  • "Troy Chat"? (Score:4, Insightful)

    by Anonymous Coward on Monday August 14, 2017 @11:56AM (#55009249)

    Come on now! Who wouldn't trust that?

  • I'd be more surprised if a decent survey found zero malware.

  • IOW, not at all.

    Bitch all you want about iOS: When I download an App from iOS App Store, I don't have to worry about this kind of shit.

    There is NO excuse for this on the Play Store either. It's not like this was some shady, back-ally "App Store" site.

    C'mon Google! I KNOW it doesn't contribute ad-dollars; but could you at least PRETEND to "vet" Apps on the Play Store?

    Oh, wait! That IS what they're doing... PRETENDING to give a shit about their Users' privacy...

    • by tepples ( 727027 )

      When I download an App from iOS App Store, I don't have to worry about this kind of shit.

      Instead, you have to worry about there not being any apps at all for a particular task when the App Store Review Guidelines block iOS apps from performing certain tasks [pineight.com].

      • When I download an App from iOS App Store, I don't have to worry about this kind of shit.

        Instead, you have to worry about there not being any apps at all for a particular task when the App Store Review Guidelines block iOS apps from performing certain tasks [pineight.com].

        That's what my laptop is for.

        • by tepples ( 727027 )

          How fast is it to earn $999 (source [apple.com]) to buy a MacBook Air?* And how convenient is it to carry a MacBook Air everywhere that you would carry an iPhone?

          * Less expensive laptops made by other companies are available, but TheFakeTimCook has already expressed a preference for Apple products.

          • How fast is it to earn $999 (source [apple.com]) to buy a MacBook Air?* And how convenient is it to carry a MacBook Air everywhere that you would carry an iPhone?

            * Less expensive laptops made by other companies are available, but TheFakeTimCook has already expressed a preference for Apple products.

            I already have a suitable laptop, which I use for other things, too.

            So, I that regard, the cost of the laptop is exactly ZERO.

            Or are you REALLY so stupid to suggest that a phone and a laptop are equivalent devices?

            • by tepples ( 727027 )

              I already have a suitable laptop, which I use for other things, too.

              But do you carry your MacBook with you everywhere in case you need to suddenly use an app that isn't available for your iPhone?

              Your experience differs from mine. I have a laptop. A lot of other people in another circle of friends I'm in do not. When asked why they can't do something or didn't notice something, they say "I'm on mobile". They would need to buy and start carrying a laptop in addition to the phone.

              Or are you REALLY so stupid to suggest that a phone and a laptop are equivalent devices?

              No. But if most everybody needs a laptop anyway, why does the iPad continue to exist?

              • I already have a suitable laptop, which I use for other things, too.

                But do you carry your MacBook with you everywhere in case you need to suddenly use an app that isn't available for your iPhone?

                No, but if I am doing something where I suspect I might need such apps, I try to remember to bring it. Plus, it's not like there are no network troubleshooting tools on iOS. I use "Fing" if I want to find IP addresses on a LAN, etc. And there are others...

                Having said that, of all the App/API restrictions on iOS, the ONE that I would like to see addressed is the ability to enumerate and provide statistics on nearby WiFi networks.

                But that isn't that big of a deal, and as I said, that's what I have a laptop fo

                • So, in the end, since my job is not Network Analysis

                  It doesn't need to be someone's job; it could be a hobby, with users helping users avoid bad networks. An app listing nearby Wi-Fi hotspots and letting users read and post reviews of the hotspots would need to see which MACs or SSIDs are near a particular user. For example: "The Subway Guest Wi-Fi here cuts you off after half an hour and then locks you out of rejoining for another half hour." The app would use the SSID and/or MAC to ensure that the review actually refers to the same AP. Unfortunately, with

                  • So, in the end, since my job is not Network Analysis

                    It doesn't need to be someone's job; it could be a hobby, with users helping users avoid bad networks. An app listing nearby Wi-Fi hotspots and letting users read and post reviews of the hotspots would need to see which MACs or SSIDs are near a particular user. For example: "The Subway Guest Wi-Fi here cuts you off after half an hour and then locks you out of rejoining for another half hour." The app would use the SSID and/or MAC to ensure that the review actually refers to the same AP. Unfortunately, with the API restrictions on iOS, you won't be getting Yelp for Hotspots on an iPhone.

                    Ok, so that's ONE corner-case application. And I already conceded that the ability to gather more info on WiFi networks is the ONE API/App restriction I would like to see removed.

                    But it is STILL nowhere NEAR-enough to give up the security of iOS, sorry!

                    And quite frankly, the very real limitation of screen size on a phone makes some Applications simply impractical.

                    What (technical) limitation? Try connecting your iPhone to your living room TV through AirPlay to an Apple TV or through the Lightning to HDMI cable. At that point, the iPhone's touch screen could behave as a Magic Trackpad. The only thing keeping an iPhone from running desktop-like apps in this way is the lockdown.

                    Thanks, I already can do exactly that with AirPlay through my AppleTV and one of several VNC Apps, like "Jump". But:

                    1. You generally don't haul your TV set around with you; so now we're off the topic of "mobile" operation.

                    2. I can't run macOS, Linux or Window

                    • You generally don't haul your TV set around with you; so now we're off the topic of "mobile" operation.

                      The use case that Ubuntu Touch tried to address was "I want mobile apps while mobile, but I want desktop apps when I've set the phone on the top of my desk, and I don't want to have to buy a $999 laptop in addition to the perfectly good computing device I already own."

                      I can't run macOS, Linux or Windows Applications on my iPhone for the same reason you can't run Linux Applications on your Android phone; i.e., because they don't share a processor architecture; not because of screen-size limitations. It has NOTHING to do with "Lockdown", FFS!

                      Install GNURoot Debian and optionally XSDL [xda-developers.com] on an unrooted Android device with an ARM CPU, and you can recompile GNU/Linux applications from source code for ARM, or you can apt-get compiled versions from the ARM version of the Debian repository

    • wah wah wah [techcrunch.com]

      Your beloved Apple dickheads are not infallible

  • Aren't the usual android spyware/malware stories posted on Tuesday?

  • Why is Slashdot recycling this OLD story again? All the incarnations are the same.

    Feels like wasting keystrokes, but I'll repeat my best solution proposal:

    The google should add a financial model tab to Play. When you are looking at an app and trying to assess whether or not it's legitimate, you should be able to see where the money is supposed to be coming from. That includes the google commenting on whether or not they have any evidence to support what the developer says.

    In many cases the developer will ju

  • Pretty much all apps - with the exception of a tiny handful of FOSS - are spyware. So is the OS. So are the competing OSes and their apps.

    Moral of the story: the Machine is always watching. Think much, speak little, and write nothing down.

I THINK THEY SHOULD CONTINUE the policy of not giving a Nobel Prize for paneling. -- Jack Handley, The New Mexican, 1988.

Working...