Malware Manipulates Google Play by Flooding Store with Illicit Apps

Malware Manipulates Google Play by Flooding Store with Illicit Apps

It should come as no surprise that scammers like to make money. It should also come as no surprise that scammers are constantly looking to enlarge their wallets however they can. One of the newer methods, according to Mobile Commerce Press, is manipulating the Google Play Store‘s search function.

According to Joji Hamada and remove ads by, a Symantec (NewsAlert) researcher based in Japan, Japanese scammers are putting their malware-infested applications at the top of lists by manipulating the search function on Google (News Alert) Play. By flooding Google Play with a variety of applications, mostly aimed at adult material, malicious applications have managed to make the top 21 applications out of 24 in a Symantec search.

That high profile success comes at a cost of pumping out 1,200 applications over the several months according to Hamada, but the payoff — a $3,000 bill per victim — can be huge.

But that figure, which is accompanied by a three-day payment period, is difficult to achieve. The new Android (NewsAlert) malware is a variant of One-click fraud — where a user is prompted to enter payment information for a illegitimate service. The new variant now has victims jumping through a series of hoops — from entering their e-mail addresses (a part of registering for a new service) to calling a phone number to acquire a password for malicious adult websites.

It’s unknown how many people have fallen victim to this scam due to the adult nature of the con. According to the Information Networking Institute at Carnegie Mellon University, people usually pay, though they’re not legally obliged.

Detecting these sorts of malicious applications, according to Hamada, is difficult, if not impossible for automated systems. Even human analysis — hindered by hidden end-user license agreements — has a hard time outing these multilayered approaches to scamming.

SHARE
Previous articleBYOD Adoption Reveals Enhanced Employee Productivity, yet Security Concerns Remain
Next articleSplashtop to Provide Goodwill with Secure Mobile Access
Daniel Sadakov has a degree in Information Technology and specializes in web and mobile cyber security. He harbors a strong detestation for anything and everything malicious and has committed his resources and time to battling all manners of web and mobile threats. He is a contributar at tripwire.com, a website dedicated to covering the top security stories and providing useful tips for the everyday and expert users.