Wednesday , November 20 2019
Home / slovakia / Google has removed 25 photo editing applications containing malicious code

Google has removed 25 photo editing applications containing malicious code



media family

After a relatively short time, more reports of malicious applications appeared that were smuggled into the Google Play store. This time there are 25 applications, most of which acted as a photo editor.

These applications were revealed in Symantec research, which arstechnica.com drew attention to. The authors turned to Google, who immediately removed these applications from the Play Store.

The applications contained malware, malicious code designed to display advertisements on the device screen. In this way, he generated revenue for the authors of the application. All applications have been launched in the Play Store over the past five months on various developer accounts.

However, the applications have a very similar structure of the source code, so it can be assumed that they come from the workshops of one organized group of attackers. Applications may have hidden their identity.

malver "width =" 1270 "height =" 896 "srcset =" https://www.techbyte.ie/wp-content/uploads/2019/09/skodlive-aplikacie.jpg 1270w, https: //www.techbyte. it / wp-content / uploads / 2019/09 / skodlive-applications-768x542.jpg 768w, https://www.techbyte.sk/wp-content/uploads/2019/09/skodlive-aplikacie-100x70.jpg 100w, https://www.techbyte.sk/wp-content/uploads/2019/09/skodlive-aplikacie-696x491.jpg 696w, https://www.techbyte.sk/wp-content/uploads/2019/09/skodlive -aplikacie-1068x753.jpg 1068w, https://www.techbyte.sk/wp-content/uploads/2019/09/skodlive-aplikacie-595x420.jpg 595w, https://www.techbyte.sk/wp-content /uploads/2019/09/sklive-application-800x564.jpg 800w "sizes =" (maximum width: 1270px) 100vw, 1270px
Picture. Symantec

According to the main application screen. The icon that normally launches applications has disappeared from the application bar. However, these malicious applications could be searched in the list of installed applications. When the user did not see the icon on the desktop and in the tray, he easily forgot that the application was installed over time.

The attackers managed to bypass the Google review process in a sophisticated manner. After installation, the applications looked normal. But when they opened, the user downloaded the configuration file from the remote server in the background to change their behavior. The application icon has disappeared and the aggressive adware has worked.

Applications recorded together 2.1 million installations. You can see their list below.

  • Blur image editor

  • Car blur photo
  • Blur Image Pro
  • Cut Paste Photo Editor

  • Face function
  • Fashion Hairstyles Pic Editor
  • Free blur image editor
  • Image Blur Editor Unlimited

  • Photographs Cut Studio Professional

  • Cut Pro Photographs
  • com.yasuo.art (unidentified name)
  • The latest hair styles for free
  • Photographs Collage Maker
  • Cut Paste Photo Editor X.
  • Blur Image Plus
  • Car Cut Out Pro

  • Cut out the background

  • Hairstyles Photo Editor Plus

  • com.amazing.photo.cutout (unidentified name)
  • Motion On Picture

  • com.pop.color (unidentified name)
  • SkyCamera
  • Photo Background Editor Pro

  • Blur Image Plus
  • Photographs Blur Background Maker 2019


Source link