Amazon Appstore used to spread Android malware — delete this malicious app right now

In a recent investigation by McAfee Labs, researchers uncovered a troubling trend in app security, highlighting the need for vigilance even when downloading from reputable sources. A malicious application, disguised as a health utility, was discovered on the Amazon Appstore, which, while not as widely used as the Google Play Store, is still accessible on various Android devices, including Amazon’s Fire tablets and Fire TV.

Hiding in a health utility app

The app, named BMI CalculationsVsn, initially presented itself as a straightforward body mass index calculator. Users were greeted with a simple interface, allowing them to input their weight and height to calculate their BMI. However, beneath this benign façade lay a series of malicious activities.

According to McAfee’s report, the app activates screen recording whenever users click the “Calculate” button. A prompt requests permission to start recording, and if granted, the app begins capturing the user’s screen. This functionality raises significant concerns, as it could potentially be used to capture sensitive information such as gesture passwords or data from other applications.

Interestingly, while the app was designed to record video, its developer, PT Visionet Data Internasional, had not yet implemented the capability to upload these recordings to a command and control server. Nevertheless, the app could still scan the device for installed applications and collect text messages, likely to intercept one-time passwords or verification codes.

Originally uploaded to the Amazon Appstore in early October, the app underwent a transformation during its development, shifting from a screen recording tool to a BMI calculator while retaining its malicious capabilities. Fortunately, McAfee alerted Amazon to the app’s harmful nature, leading to its removal from the store. Users who installed it will need to manually delete it from their devices.
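For readers who manage Android or Fire devices over adb, the sketch below is an added example, not code from McAfee's report or from the app. It parses the "requested permissions" section of `adb shell dumpsys package` output and flags any package that can read SMS and can also capture the screen or list installed apps. The package names, the sample output and the mapping from the behaviours described above to specific Android permissions are assumptions made for illustration.

```python
import re

# Behaviours described in the article, mapped to manifest permissions (an assumption).
# FOREGROUND_SERVICE_MEDIA_PROJECTION is only declared by apps targeting Android 14+.
CAPABILITIES = {
    "sms": {"android.permission.READ_SMS", "android.permission.RECEIVE_SMS"},
    "app_list": {"android.permission.QUERY_ALL_PACKAGES"},
    "screen_capture": {"android.permission.FOREGROUND_SERVICE_MEDIA_PROJECTION"},
}
PKG_RE = re.compile(r"^\s*Package \[([^\]]+)\]")
PERM_RE = re.compile(r"^\s+([A-Za-z0-9_]+(?:\.[A-Za-z0-9_]+)+)(?::.*)?$")

def requested_permissions(dumpsys_text):
    """Map package name -> permissions listed under 'requested permissions:'."""
    perms, pkg, in_section = {}, None, False
    for line in dumpsys_text.splitlines():
        if m := PKG_RE.match(line):
            pkg, in_section = m.group(1), False
            perms[pkg] = set()
        elif line.strip() == "requested permissions:":
            in_section = pkg is not None
        elif in_section and (m := PERM_RE.match(line)):
            perms[pkg].add(m.group(1))
        else:
            in_section = False  # any other line (next section header) ends the list
    return perms

def suspicious(dumpsys_text):
    """Packages that can read SMS and also capture the screen or list apps."""
    out = {}
    for pkg, perms in requested_permissions(dumpsys_text).items():
        caps = sorted(c for c, needed in CAPABILITIES.items() if perms & needed)
        if "sms" in caps and len(caps) > 1:
            out[pkg] = caps
    return out

# Constructed sample in the layout of `dumpsys package` (placeholder package names).
SAMPLE = """\
Package [com.example.bmicalc] (1a2b3c):
  requested permissions:
    android.permission.READ_SMS: restricted=true
    android.permission.QUERY_ALL_PACKAGES
    android.permission.FOREGROUND_SERVICE_MEDIA_PROJECTION
  install permissions:
Package [com.example.notes] (4d5e6f):
  requested permissions:
    android.permission.INTERNET
"""
if __name__ == "__main__":
    print(suspicious(SAMPLE))
```

A hit is a prompt to look closer at an app whose stated purpose does not need those permissions, not proof of malice, and an app targeting older Android versions can record the screen without declaring the media projection permission.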

How to stay safe from Android malware

With the prevalence of malicious apps infiltrating official app stores, exercising caution when downloading new applications is paramount. Here are some strategies to enhance your security:

  • Check Ratings and Reviews: Always scrutinize an app’s ratings and reviews. However, be aware that these can be manipulated. Seeking external reviews or video demonstrations can provide additional insights.
  • Research Developers: Investigate the app’s developer to ensure they are reputable. Sticking to well-known developers can significantly reduce the risk of downloading harmful software.
  • Utilize Trusted Apps: Favor applications that consistently appear in the top charts of app stores, as these are more likely to be vetted for safety.
  • Enable Google Play Protect: This built-in security feature scans apps for malware, providing a first line of defense against threats.
  • Consider Additional Antivirus Solutions: For enhanced protection, consider pairing Google Play Protect with a reputable antivirus app that offers regular updates and additional features like password management or VPN services.

As cybercriminals continue to exploit vulnerabilities through malicious apps, maintaining a proactive approach to app security is essential. By staying informed and cautious, users can better safeguard their devices against potential threats.

AppWizard