Google Play still riddled with malicious apps, says Symantec

The Google Play app store for Android remains riddled with malicious apps despite efforts to clean it up, says Symantec

The Google Play app store for Android is still riddled with malicious apps despite efforts to keep it clean, says security firm Symantec.

A test search carried out by Symantec using Google Play search resulted in 21 out of 24 top hits being malicious apps.

Although many malicious apps are removed on the day they are published, while others remain only a few days, abuse of the search function allows malicious apps to feature prominently in search results.

“Although they have short lives, the apps must provide ample profit for the scammers as they show no signs of halting their development of new ones,” wrote Symantec’s Joji Hamada in an official blog post.

Symantec found that scammers publish malicious apps almost every day, with 1,200 malicious apps published in the past seven months.

The success of scammers has led to an evolution of malicious apps from simple one-click scams to other scams that require victims to go through a registration process to make the apps more difficult to detect by automated systems on Google Play, enabling them to remain available for longer.

Read more about mobile malware

The latest of these apps aimed at the Japanese market to appear in Google play require users to send an email in order to register to become a member of a service, call a given phone number to acquire a password, and enter the password to log into the fraudulent site.

Once the user successfully logs into the site, they are charged an annual fee of the equivalent to $3,150 for watching online adult videos without any obvious prior warning of the fee.

Symantec found a reference to the annual fee hidden deep in a license agreement that is mentioned on the page where the password is entered, but the link was at the bottom of the page in very feint text.

The security firm said human analysis may be the only way to discover these sorts of apps, which is a significant problem with more than 100 of these apps published on Google Play since the beginning of July.

Symantec said it would continue to inform Google about these apps so they can be removed but warned smartphone users to be cautious when downloading apps from any source.

Read more on Endpoint security

Join the conversation


Send me notifications when other members comment.

Please create a username to comment.

how can i download google play store in android set

There are a host of problems here. For one, free ain't cheap. At that price, I'm instantly suspicious of good programs that are handed out like lollipops on giveaway day. Certainly someone must want something other than kudos. Where's any sign of QA before these things are turned loose on a far-too-trusting user-base?

Then again, since high price tags are no guarantee of surety, I lay the blame directly at Google and Android for putting out such a porous OS in the first place. Yeah, the bad guys will always try to batter at the doors, but starting with far better doors would be a huge help.