Google Removed 19 Apps Containing Viruses in Play Store!

Google has removed 19 apps from the Play Store, some of which have been downloaded more than 10,000 times, because they contain malware called AbstractEmu!

Security researchers helped remove 19 apps from the Google Play Store that installed a rare type of malware to hijack the smartphone.

The malware, called AbstractEmu and discovered by Lookout cybersecurity researchers, can use the “root” features of the affected Android device to perform various activities, such as monitoring notifications, capturing screenshots, recording the screen, and even resetting the device’s password or locking it completely.

“Using the root process to gain privileged access to the Android operating system, the threat tool can silently grant itself dangerous permissions or install additional malware that normally requires user interaction,” the researchers write.

The applications containing the malware were disguised as utilities such as password managers, data savers, app launchers, and the like, and were fully functional. Of the 19 apps removed, researchers claim that seven exhibited rooting ability and one had more than 10,000 downloads.

While researchers say that rooting malware has almost completely disappeared in the past five years, AbstractEmu is proof that it is not yet gone. In addition, the researchers note that the steps the malware took to avoid detection, using code abstraction and anti-emulation checks, were impressive.

AbstractEmu relies on one of five exploits for legacy Android vulnerabilities to root and hijack a device once it gets inside. After taking control, it collects all kinds of data about the device, sends it to a remote server, and waits to collect additional data.

“At the time of discovery, the threat actor behind AbstractEmu had already disabled the necessary endpoints to receive this additional data from C2 [command and control server], which prevented us from learning the attackers’ ultimate intent,” the researchers write.
