Over 500 Apps Pulled From Play Store due to a Backdoor Spyware Threat

Prayank

Google has removed more than 500 apps from the Android Play Store after researchers at Lookout Security discovered that those apps had a back doorsecurity vulnerability which could be exploited to inject spyware into the devices.

Among themselves, these 500 apps had more than 100 million downloads, which roughly translates into tens of millions of devices which might be vulnerable to spyware attacks.

The apps’ advertising software development kit (SDK), called Lgexin, had the capability of spying on user’s devices by downloading malicious plugins via an otherwise innocent-looking app.

The researchers also pointed out that the developers of the apps aren’t responsible for creating the malicious functionality. Rather, “the invasive activity initiates from an Igexin-controlled server”.

While most of these apps were identified as harmless at the present time, but their security vulnerability means that the developer — or Lgexin in this case — could, at any point of time, update the app with malicious spyware plugin and threaten the privacy of the users.

The Lgexin spyware code could lead an app to record call logs, text messages, login credentials and much more.

Although Google is working towards creating a secure environment in the Play Store, app authors with malicious intentions are always looking for a way to fulfill their unscrupulous needs.

“Lgexin is somewhat unique because the app developers themselves are not creating the malicious functionality – nor are they in control or even aware of the malicious payload that may subsequently execute,” the Lookout Blog reads.

The apps that contain the infected SDK included:

  • Games targeted at teens (one with 50M-100M downloads)
  • Weather apps (one with 1M-5M downloads)
  • Internet radio (500K-1M downloads)
  • Photo editors (1M-5M downloads)
  • Educational, health and fitness, travel, emoji, home video camera apps

The researchers informed Google about this security vulnerability among apps on the Play Store and they were either removed or updated with a fresh version without the invasive backdoor threat.

Also See
#Android apps #play store

Join the newsletter

Prayank

Written By

Prayank

Bike enthusiast, traveller, ManUtd follower, army brat, word-smith; Delhi University, Asian College of Journalism, Cardiff University alumnus; a journalist breathing tech these days.