The Big App Malware Story That Wasn’t

By TrustGo Security Labs On October 19, 2012 In Categories

Odds are, you DIDN’T hear about TrustGo Secure Labs’┬ádiscovery yesterday of a new and potentially nasty virus on Google Play.

Unless you regularly read great sites like Mobile Business Briefing, or Search Security, you’ll find that there really wasn’t much chatter about it in the general public. So why wasn’t it a big deal?

Was it because the malware wasn’t very bad?

Actually, it was quite evil…stealing users’ SMS/MMS messages and videos, as well as taking all the files off their SD cards, putting some really sensitive data at risk.

Was it because it was simple and not very advanced?

No, the code was quite sophisticated in that it was able get through Google’s anti-malware screenings and after installation, was able to hide itself from the Apps List. To add insult, it even used a fake logo of a mobile security company in the one place it did show up…on the Downloads list.

Was it because the “bad guys” were just some kids having fun?

Definitely not. In fact, the people who created this virus also run a malicious website that steals data from Macs, Windows and Unix/Linux machines.

But it was on Google Play! Why wasn’t there a big story about this virus?

Sadly, it’s because only a small number of users were affected.

And why is that? ┬áJust one reason…

We alerted Google within 36 hours of finding the infected app and it was removed very quickly.

For us, it’s far more important that users are protected than for us to get a great story written about us on…say, CNET or NBC News. Sure, we get our share of those, but our job is to help people stay safe.