Trojan app on Google Play can spy location, steal bank details from Android phone

Cybersecurity experts at Cisco Talos have identified the GPlayed-riddled Google Play Market Place app (left side) that's identical to the design of Google Play (right side) icon.Cisco Talos (screen-shot)
Cybersecurity experts at Cisco Talos have identified the GPlayed-riddled Google Play Market Place app (left side) that's identical to the design of Google Play (right side) icon. Cisco Talos screen-shot

Security researchers have stumbled on a malware dubbed as GPlayed, which can trick users to install on their Android phone and lose sensitive data to hackers.

Cybersecurity experts at Cisco Talos have identified the GPlayed-riddled Google Play Market Place app that's identical to the design of Google Play store icon and other affiliated applications. This may become problematic because unsuspecting users might install them as a trustworthy app and end up paying a heavy price.

"What makes this malware extremely powerful is the capability to adapt after it's deployed. In order to achieve this adaptability, the operator has the capability to remotely load plugins, inject scripts and even compile new .NET code that can be executed," Cisco Talos report said.

This deadly Trojan malware is capable of and even syphoning off credit card or bank details present in the phone and also turn in to fulltime spyware capable of tracking victims locations.

On the bright side, GPlayed is not yet live on the Google Play store, but in the final stage of testing. Despite Google taking stringent measures to control the flow of Android malware to the Play app store, it is not able to detect Trojan malware hidden in legitimate apps. General Android app users are advised to be careful in installing such as look-alike fake Google apps.

"Our analysis indicates that this trojan is in its testing stage but given its potential, every mobile user should be aware of GPlayed. Mobile developers have recently begun eschewing traditional app stores and instead want to deliver their software directly through their own means. But GPlayed is an example of where this can go wrong, especially if a mobile user is not aware of how to distinguish a fake app versus a real one," Cisco Talos team noted.

How To Protect Your Smartphones From Malware:

  • Always keep your smartphone updated to the latest firmware. Most companies in collaboration with Google send software updates — especially security patches on a priority basis and always make sure to update them immediately
  • Make sure to use premium Antivirus software, which also provides malware protection and internet security
  • Never open emails sent from unknown senders
  • Never install apps from unknown websites
  • Never install apps from unfamiliar publishers even on Google Play store
  • Never ever side-load apps from websites other than Google Play store on an Android phone.
READ MORE