Multiple malwares are being used to infect Google Play Store apps

The Google Play Store is known as a secure place to download and use Android apps. Although the security systems are strong, bad actors still find ways to invade security protocols and infect our devices and systems.

The way that is being used by hackers is “versioning“, which works like a two-way thing. Among these, the first one works through updates that are available for already-installed apps. The other one enters by loading malicious code through a server that is controlled directly by hackers. This method is called dynamic code loading (DCL).

A bad actor can use these ways to install malicious payloads as native, Dalvik, or JavaScript code on Android and avoid the Play Store’s static analysis checks. According to Google, all applications uploaded to the Play Store are subjected to PHA (Potentially Harmful Application) screening. However, the company admitted that some programs may be able to circumvent DCL security tests.

Hackers employ the versioning technique to infect Google Play Store apps with malware

Google explains that “versioning occurs when a developer releases an initial version of an app on the Google Play Store that appears legitimate and passes our checks, but later receives an update from a third-party server changing the code on the end-user device that enables malicious activity.”

All apps must be updated via the Play Store; any other means for this purpose must be avoided. Along with that, Google is also limiting the downloading of apps with executable codes attached to some external sources. Backdoors are applications that breach Google Play’s Deceptive behavior policy and are removed from the store.

SharkBot, a banking trojan identified in October 2021, was one example of this strategy. By publishing versions with restricted functionality, the malware might avoid Play Store security tests. Once installed on the victims’ devices, the software downloaded a full malware version. SharkBot was an Android antivirus program that was available on the Play Store.

The FBI recently issued a warning that AI was making it much easier for hackers to create and distribute malware. Similarly, Google chastised manufacturers for taking too long to remedy security flaws in their devices and apps. As an Android user, you should be more cautious about the apps you install.

7 thoughts on “Multiple malwares are being used to infect Google Play Store apps

  1. Pingback: FiverrEarn
  2. Pingback: FiverrEarn
  3. Pingback: FiverrEarn
  4. Pingback: FiverrEarn
  5. Pingback: FiverrEarn
  6. Pingback: FiverrEarn

Comments are closed.