Malware on Google Play masquerades as font installing app

Malware-ridden apps are plentiful on app stores online. Security firm Webroot has detailed one such find on the Google Play store – they are calling it Android.TechnoReaper. Elaborating on the threat, the post says that the malware has two parts to it – a downloader on the Google Play store and a spyware app that it downloads. Interestingly, the downloaders enter in the garb of font installing apps. So, when a user installs the app on his phone, it looks like a harmless app that will let him install new fonts on his phone. 


The code, however, gives away the app's malicious intentions. The spyware, ikno.apk, monitors SMS, call logs and location. The post adds that these details and various other activities are logged through a web portal.


Also, the download link in the upper right corner reads “Download iKno from the Android Market”. The link, however, is not actually linked to the Android Market. Instead, when clicked, the ikno.apk file downloads directly from their site.  


Malware moves around as font installing app



Like stated in one of our earlier reports, IT security firm McAffee said last year that more than 60 percent of all Android threats originate from the FakeInstaller family. FakeInstaller malwares masquerade as popular apps and generate revenue by silently sending SMS messages to premium numbers without the user’s consent, which is what this latest discovered malware also does.


In February this year, we reported about one such Android malware that can cause havoc on your Android smartphone and Windows PC when the devices are connected. The irony is this app is masquerading as a "cleaner" app on Google’s Play Store


Discovered by Kaspersky to be a vicious malware, DroidCleaner has a long list of abilities to disrupt your life. After it has been installed on your phone, the app has the ability to send SMS messages, enable Wi-Fi, gather information about the device, open arbitrary links in a browser, upload the SD card's entire contents, all SMS messages, or an arbitrary file or folder to the master's server. It can also delete all SMS messages or read, write and upload all the contacts, photos and location data from the device to the master.

Published Date: May 11, 2013 11:38 AM | Updated Date: May 11, 2013 11:38 AM