Criminals inject malware into 20 000 Android apps outside Play Store




Security firm Lookout has 20,000 examples were found of popular apps on download sites and download stores outside the Google Play Store that contain malware. Users of the Play Store need not worry about these practices.

The ‘repackaged’ apps are applications like Candy Crush, Twitter and WhatsApp, which also function correctly. The versions on download sites and third-party download stores contain according to the security firm but malware. This malware can gain root access and then nestle itself as a system app, making them difficult to remove.

Lookout mentions no names of download stores that are affected, but the security company emphasizes that these apps are not available in the Play Store. All sorts of apps sit in between, but not for Android virus scanners. Lookout concludes from this that the creators of such malware have a careful plan. It often involves adware.

The attackers who do this, get the apk file of apps apart and then add their own code to obtain root access and the display of advertisements. Then they wrap up the file and upload it on sites and download stores. Because large developers often publish only in the Play Store, the official app is usually not found in alternative download stores. Users of these shops thus often grab the only option to install a popular app and download the unofficial version.

Although there are many malware for Android, virtually all malware found only in shadowy download sites and download stores from third parties. Therefore, the risk for many users in the Benelux, which almost always download all the apps from the Play Store pre-installed, minimal.


In: A Technology & Gadgets Asked By: [21378 Red Star Level]

Answer this Question

You must be Logged In to post an Answer.

Not a member yet? Sign Up Now »