Google Play Store hacking
10/31/2022
“Our main theory about the reasons for all these versioning maneuvers is that the attackers are trying to use diverse techniques to achieve their key goal, to bypass the official Google marketplace filters,” Kaspersky Lab researchers Alexey Firsh and Lev Pikman wrote in a post.

In a twist, a later app contained the malicious payload in the downloaded APK itself. The payloads could collect locations, call logs, contacts, text messages, and other sensitive information.

By customizing the payloads and not loading down a device with unneeded components, the attackers were further able to evade detection. Based on that information, the attackers could use the malicious apps to download and execute malicious payloads specific to a particular infected device.

Within time, the apps provided a backdoor that collected data about the infected phone, including the hardware model, the Android version it ran, and the apps that were installed. One of the recent apps posed as a browser cleaner. Another approach was to require few or even no permissions during installation and to later request them dynamically using code hidden inside an executable file. One method was to initially submit a benign version of an app and add the backdoor only after the app was accepted.

Repeatedly bypassing Google security checks

Attackers behind the campaign used several effective techniques to repeatedly bypass the vetting process Google uses in an attempt to keep malicious apps out of Play. Code in the malware and command servers it connects to contain several overlaps with a known hacking group dubbed OceanLotus (aka APT32, APT-C-00, and SeaLotus), leading researchers to believe the apps are the work of that advanced group.
Third-party markets have also hosted the backdoored apps, and many of them remain available.

Command-and-control domains were registered as early as 2015, raising the possibility the operation goes back earlier than 2016. Apps from earlier were already removed, and it’s not clear what prompted the move. Google removed recent versions of the malware shortly after the researchers from Kaspersky, and earlier fellow security firm Dr. While Kaspersky Lab's research uncovered only Android apps connected to the hacker group behind the campaign, research published last October by Blackberry Cylance found evidence the group targeted iOS users as well.

Researchers from security firm Kaspersky Lab have recovered at least eight Google Play apps that date back to 2018, a Kaspersky Lab representative said, but based on archive searches and other methods, the researchers believe malicious apps from the same advanced group seeded Google’s official market since at least 2016. Hackers have been using Google Play for years to distribute an unusually advanced backdoor capable of stealing a wide range of sensitive data, researchers said on Tuesday.