Google Play app with 500,000 downloads sent user contacts to a Russian server

A security firm discovered malware in an Android app with over 500,000 downloads on Google Play that secretly transmits users’ contacts to an attacker-controlled server and signs them up for expensive subscriptions.

The app, Color Message, was still available on Google servers at the time this essay was written. Google took it down more than three hours after I contacted them for feedback. Color Message purports to improve text communications by adding emojis and eliminating spam SMS, among other things. However, according to researchers at Pradeo Security, Color Message contains malware from a family known as Joker, which has previously infected millions of Android devices.

According to the company’s blog post, “our research of the Color Message application using the Pradeo Security engine demonstrates that it accesses users’ contact lists and exfiltrates them over the network. At the same time, the programme unwittingly subscribes users to undesired premium services. The application has the ability to disguise its icon once installed, making it difficult to delete.”

Pradeo’s discovery is only the latest example of Google hosting malicious software that harms users of its Android mobile operating system. While Google monitors apps for malware and removes large numbers of submissions on a monthly basis, there are plenty of programmes that it misses. The regular complaints of rogue apps available through Play tarnish the mobile OS’s otherwise spotless security record, at least on Google-developed Pixel smartphones.

Joker is classified as fleeceware, a type of malware. It imitates clicks and intercepts text messages in an attempt to trick customers into paying for premium services they didn’t want. Because of the small footprint of its code and the strategies used by its developers to hide it, Joker is difficult to detect. The malware has been discovered in hundreds of apps downloaded by millions of individuals over the last few years.

In addition to transmitting users’ contacts to a server that appears to be situated in Russia and subscribing them to undesirable services, Color Message fails to reveal the scope of the actions the software can take on users’ devices.

As always, Android users should be cautious when downloading apps. A good rule of thumb is to only download apps that truly assist you, and to choose apps from well-known companies wherever possible. People should also read the customer reviews to see whether any reports of malice have been made.