cancel
Showing results for 
Search instead for 
Did you mean: 

Android Malware Breaches Google Play Safety - Product Ambassadors

1666 Views
Sprint Product Ambassador

Screen Shot 2017-06-08 at 9.22.05 PM.pngphoto credit: thehackernews.com

 

A new malware has been discovered by Kaspersky Security Lab that seems to have thwarted and bypassed all the safety checks within Google's Play app store called "Dvmap."

 

The malware was being delivered via a puzzle game called "colourblock," which was downloaded more than 50,000 times before Google removed from the Play app store.

 

The app disabled the security settings of the victim Android host and downloaded a more malicious app from a third-party source and injected code into the device libraries to effectively gain root access and remain persistent even after reboot. 

 

This is a unique case of malware in that it's the first time we've seen a malware infected app that actually morphs to disguise itself as a normal app and bypasses all the app security within the Play app store. This is more than a little scary. Normally when we read about malware or virus-infected apps it's typically a factor of installing apps from unknown, untrusted, unverified third-party sites. The usual good practice is to keep app downloads limited to the official Google Play app store. Until now.

 

Now we need to rethink and take device protection to the next level. Here is my best advice to help keep your smartphone safe:

  • Only download apps from the official Google Play app store (common sense, right?).
  • Only download apps from well known, well vetted, trusted app developers.
  • Make sure you read recent reviews relevant to the latest app version.
  • Check the app permissions! Make sure the app permissions make sense; e.g. a flashlight app doesn't need access to your contacts or location.
  • Make regular, full back-ups of your device. Ideally make a backup before you install new apps.
  • Install and activate an anti-malware / anti-virus application on your smartphone and keep it up updated. I use Lookout Premium on my devices and recommend that you do too.

 

You can read more details about Dvmap and how to keep your device safe and clean from TheHackerNews.com. I recommend following TheHackerNews and Lookout on Twitter to stay abreast on the latest threats to mobile devices.

 

Stay safe and keep in the know about mobile device security.

 

Catch you online!

 

~Ninja_CJ

 

 

Disclaimer: The Product Ambassadors are Sprint employees from many different parts of the company that love technology. They volunteer to test out all sorts of Sprint devices and offer opinions freely to the Community. Each Product Ambassador shares their own opinions of these devices, therefore the information in this post does not necessarily reflect the opinions of Sprint. The PA's do not represent the company in an official way, and should not be expected to respond to Community members in an official capacity. 

 

4 Comments
GrandMaster
any recommendations on what to do if they find this app on their device? full factory reset?
Sprint Product Ambassador

Yes. Keep good backups of data for data restore, too.

GrandMaster
excellent. at least there is a way to get rid of it. in this case i would gladly do a FR to ensure it was fully removed.
Master

Hear hear, thanks for the headsup. Definitely more sinister then the ad click apps that Google has recently been trying to swat out.