500 Android apps infected with Chinese spyware

500 Google Play Store apps infected with Chinese spyware

According to mobile security firm Lookout, more than 500 spyware-laden Android apps have been downloaded more than 100 million times from Google Play Store.

Lookout researchers discovered that the apps had been inadvertently infected with a malicious advertising Software Development Kit (SDK) called Igexin. Igexin, they said, was Chinese in origin.

Google has since made available updated spyware-free versions.

And while apps don’t have recall facilities, it is hoped that users follow the instructions to update their apps or replace with the new versions.

While Google swiftly removed the offending apps, Lookout warned the vast majority of those who have downloaded the apps containing the malicious SDK will probably be unware they are at risk.

It is becoming increasingly common for innovative malware authors to attempt to evade detection by submitting innocuous apps to trusted app stores, then at a later time, downloading malicious code from a remote server.

Igexin is somewhat unique because the app developers themselves are not creating the malicious functionality, nor are they in control or even aware of the malicious payload that may subsequently execute. Instead, the invasive activity initiates from an Igexin-controlled server.

- Lookout blog: The Shield

It is becoming increasingly common for innovative malware authors to attempt to evade detection by submitting innocuous apps to trusted app stores, then at a later time, downloading malicious code from a remote server.

App permissions: How to use your phone’s first line of defence

Igexin is somewhat unique because the app developers themselves are not creating the malicious functionality, nor are they in control or even aware of the malicious payload that may subsequently execute. Instead, the invasive activity initiates from an Igexin-controlled server.

The apps affected were wide-ranging and included a game targeted at teenagers which was downloaded 50 million times.

Infected weather and photo apps were downloaded one to five million times while high on the list were educational and fitness, travel, emoji and home video camera apps.

As always experts warn smartphone users be careful when downloading apps. In this case it is doubly difficult because Igexin piggy-backed legitimate apps that the developers were unware of.

It is always recommended not to download apps from third-part stores. Stick to Google Play Store. Malicious apps do make their way into the store but Google does keep the vast majority of its 1.4 billion Android users safe.

Read and study the apps in detail, particularly the permissions apps ask for. And check reviews of the apps but beware of botnets that bolster star-ratings for apps.

And, as with your PC and laptop, keep your smartphone safe by regularly updating its anti-virus software.

By:

A veteran freelance journalist writing extensively on internet news and cybersecurity.
Back To Top