Avast community forum
Home
Help
Search
Login
Register
Avast WEBforum
»
Other
»
Viruses and worms
(Moderators:
Maxx_original
,
misak
) »
Apps that are not what they appear to be...Heads-up!
« previous
next »
Print
Pages: [
1
]
Go Down
Author
Topic: Apps that are not what they appear to be...Heads-up! (Read 1817 times)
0 Members and 1 Guest are viewing this topic.
polonus
Avast Überevangelist
Probably Bot
Posts: 33913
malware fighter
Apps that are not what they appear to be...Heads-up!
«
on:
November 04, 2019, 10:57:42 AM »
L.S.
This app is not (yet) flagged by VT -nl.stijlloos.hetkontakt
Installer: com.android.vending (Google Play Store)
Type App: USER
Size: 45.33 MB
Path: /data/app/nl.stijlloos.hetkontakt-RLFrd2KyDrZL6eBvXMkmw==/base.apk
Scanned through the VirusTotal app.
The standard application of this local regional Dutch paper has a blue color,
the hacked version that tries to get access to all of your cellphone is white. it starts to ask total access to all of your android.
Denied that request and deinstalled immediately.
Let it be a warning to check on all apps you install from Google Play Store.
There is no guarantee, they are what they seem to be.
Or that they cannot be changed "on the fly" after installing by just visiting a crafted website
(in this case a so-called Clickbait forum GeenStijl)
polonus
«
Last Edit: November 04, 2019, 11:18:57 AM by polonus
»
Logged
Cybersecurity is more of an attitude than anything else. Avast Evangelists.
Use NoScript, a limited user account and a virtual machine and be safe(r)!
polonus
Avast Überevangelist
Probably Bot
Posts: 33913
malware fighter
Re: Apps that are not what they appear to be...Heads-up!
«
Reply #1 on:
November 04, 2019, 11:43:05 PM »
This is an ongoing game, folks, read:
https://labs.bitdefender.com/2019/10/dozens-of-apps-still-dodging-googles-vetting-system/
Adware-miscreants use every trick in the book to circumvent detection
and to go under the radar of Google's Play Store.
Checking system time is actually18 hrs behind in relation to a specific given time for,
when the app is finally hiding, is one way. Also obfuscated and dynamically loaded code is used,
all to dodge automatic static analysis, is another.
Also like in the above posted example, miscreant/developers,
use all sort of names to upload identical apps onto Google Play Store.
Read what apps are advised and what other user-views/-ratings/ranking are.
A list of these adware misnomers:
https://www.bitdefender.com/files/News/CaseStudies/study/290/Bitdefender-WhitePaper-Android-Dozens-of-Apps-Still-Dodging-Googles-Vetting-System.pdf
pol
P.S. I have installed the Virus Total Mobile App to check, scan & report all user and hidden applications
on my cell-phone (Android). Quite happy with it. But I wonder it will detect these specific "critters".
Damian
«
Last Edit: November 04, 2019, 11:45:42 PM by polonus
»
Logged
Cybersecurity is more of an attitude than anything else. Avast Evangelists.
Use NoScript, a limited user account and a virtual machine and be safe(r)!
Print
Pages: [
1
]
Go Up
« previous
next »
Avast WEBforum
»
Other
»
Viruses and worms
(Moderators:
Maxx_original
,
misak
) »
Apps that are not what they appear to be...Heads-up!