Jan 1, 2022
82 Views
0 0

Research claims Samsung Galaxy Store apps are spreading malware

Written by


Tags, , ,
Super secure VPN
Minimal data logging
Favorable privacy policy

It is becoming harder and harder to evade online scams, especially those involving Android applications. According to an analysis from Android Police’s Max Weinbach, Samsung is hosting several infected Android apps on its official Galaxy Store that may insert malware into your phone.
Weinbach came across the shady apps while searching the Galaxy Store for Hulu app noted that several Showbox-based applications were available on the Galaxy Store. Some of them triggered Google Play Protect’s warning after getting installed.
When one of the apps at VirusTotal was examined, it generated more than one dozen low-grade alerts ranging from adware, malware, trojans to riskware. Moreover, a few of these malicious apps requested more permissions, such as accessing call logs, contacts, and the telephone.

The researcher then posted about this on Twitter, and Android Police further explored the issue.
Samsung Galaxy Store Apps Spreading Malware
Android Police identified that the app Weinbach tweeted about is a replication of an old movie piracy app known as Showbox. Many of these apps were available on the Galaxy Store just a week before. However, as of December 30th, none of the apps was available, indicating that the South Korea-based Samsung must have acted after the reports circulated.
Reportedly, the Galaxy Store comes pre-installed with all the latest smartphones manufactured by the company, therefore if people have downloaded the infected app, they could be exposed to numerous kinds of risks. At least two shady Showbox apps were identified during the analysis.
Further probe revealed that the app’s ad tech could perform dynamic code execution, and while the app may not directly contain malware, it can download/execute other codes, including malware.

According to Android security analyst Linuxct, though there are few legit use cases for this functionality, it is possible to weaponize them.
“So at any moment it may become a trojan/malware, hence it’s unsafe and thus why so many vendors flagged it in VT/Play Protect,” Linuxct told Android Police.
Did you enjoy reading this article? Like our page on Facebook and follow us on Twitter.





Newsletter
Get the best stories straight into your inbox!




Don’t worry, we don’t spam
 App Store Google News
HACKREAD is a News Platform that centers on InfoSec, Cyber Crime, Privacy, Surveillance and Hacking News with full-scale reviews on Social Media Platforms & Technology trends. Founded in 2011, HackRead is based in the United Kingdom.
Hackread.com is among the registered trademarks of Gray Dot Media Group Ltd. Company registration number 12903776 in regulation with the United Kingdom Companies House. The registered address is 85 Great Portland Street, London, England, W1W 7LT
The display of third-party trademarks and trade names on the site do not necessarily indicate any affiliation or endorsement of Hackread.com. If you click an affiliate link and buy a product or service, we may be paid a fee by that merchant.

source

Article Categories:
Malware

Comments are closed.