Two recently discovered malicious Android apps related to the nefarious Ztorg family have been removed from the Play Store by Google. They were capable of sending premium-rate text messages to numbers controlled by the attackers and hid their tracks by deleting incoming messages, according to researchers at antivirus firm Kaspersky.
Collectively, these two apps — dubbed "Magic browser" and "Noise Detector" — had been installed from Google Play more than 60,000 times, Kaspersky Lab Senior Malware Analyst Roman Unuchek wrote in a Tuesday blog post. Magic browser, uploaded to Google Play on May 17, masqueraded as an "ultra-fast, simple and practical mobile browser," while Noise Detector promised to let you "easily measure the noise level of the current environment."
Before they were deleted, Magic browser had already been downloaded 50,000 times while Noise Detector racked up 10,000 downloads.
Unuchek said he's been monitoring the Google Play Store for Ztorg trojans since September 2016 and has found "several dozen" malicious apps in that time, all of which used exploits to gain root access on the infected device. Magic browser and Noise Detector, which he discovered in the second half of May, are a little different.
They're "related to the Ztorg Trojans, although not a rooting malware," Unuchek wrote. Instead, they're SMS trojans "that can send Premium rate SMS [text messages] and delete incoming SMS."
Related
- 'Judy' Malware Potentially Hits Up to 36.5M Android Users'Judy' Malware Potentially Hits Up to 36.5M Android Users
Kaspersky Lab reported the malware to Google and both apps have been deleted from the Play Store.
In other Android news, Google this week announced plans to end support for the Android Market app on Android 2.1 Éclair and older devices on June 30. Once the change goes into effect, users on these devices will no longer be able to access or install apps from the Android Market.
"It has been 7 years since Android 2.1 Eclair launched," Google Play Software Engineer Maximilian Ruppaner wrote in a blog post. "Most app developers are no longer supporting these Android versions in their apps given these devices now account for only a small number of installs."
One of the best features Google Play Music has launched in a long time is hidden from most users. That's a real bummer.
The second-generation Gogoro Smartscooter promises a smoother, 'virtually unstealable' electric ride.
No more wasted characters.
Even if they prevent Android's Verify Apps feature from working properly.
Relax Google Removes 2 Malicious Play Store Android Apps stories
Previously limited to iOS, Firefox Focus automatically blocks ads and many of the trackers that normally follow you around the web and slow down your browsing.
No more having to visit five different sites to look for job listings: You can now just type 'jobs near me' into Google to see what's available in your area.
There's no official confirmation yet, but a launch in New York City in the second half of August has been suggested.
An increased use of technology to help identify terrorist content and plans to 'greatly increase' the number of independent experts in YouTube's Trusted Flagger program.
The Guardian reports that the 'security lapse' affected more than 1,000 workers who use Facebook's content moderation software to remove terrorist propaganda.
With the $130 Modern Keyboard, unlock your machine with a touch.
The CIA reportedly had the capability to hack into dozens of Wi-Fi router models, even if they were protected by usernames and strong passwords.
Researchers are warning that e-cigarettes can be modified, without a ton of effort, to infect a victim's PC with malware.
Google is relaunching the Mac and PC apps that let you upload files to your Google Drive, making it easier to schedule backups.
They're designed to protect against future state-sponsored malware attacks akin to last month's WannaCry, but are not a substitute for upgrading your OS.
Crash Override disabled part of the electrical grid in Ukraine last year, and many more power stations could be susceptible, according to security experts.
The budget smartphone and its larger E4 Plus cousin offer respectable features for their bargain price tags, but come with a few compromises.
Tired of searching through hundreds of emojis for the perfect way to express yourself? Draw one with your finger and Google's keyboard app will match it.
Cybercriminals have managed to infect PCs if the user so much as hovers over a hyperlink in a PowerPoint slide.
If your Android-powered phone or tablet is lost or stolen, follow these steps to set up the Android Device Manager now.
It took over a year, but Google finally managed to offload not one, but two robotics divisions to the Japanese company that acquired chip maker ARM last year.
As well as domestic flights, dozens of airports spread across Europe, the Middle East, and Africa are also under consideration by Homeland Security.
Data is converted into a binary format and transmitted by flashing the LED activity lights while a nearby camera records their output.
A hacker broke into systems for the 'US operating region' and stole sensitive user data
Google plans to block the most annoying advertisements in its Chrome browser, even those that run on the company's own platform.
A standalone Siri speaker would help Apple better compete against the likes of Google Home and Amazon Echo, according to Bloomberg. Look for it at WWDC next week.
Researchers from security firm Check Point said 'hundreds of millions' of devices running media players such as VLC, Kodi, Popcorn Time, and Stremio are at risk.
Google's advertisers will soon be able to measure the success of their online campaigns based on credit card transaction data from physical stores.
You can now create a family group with up to six members of your household to easily share calendar info, photos and videos, to-do lists, and notes with everyone.
Google's $5,000 collaborative and smart digital whiteboard is now available to buy.
Google I/O 2017 was a continued transformation of the company, from machine learning to greater control of Android. Here's what we learned at the show.
An update, which can even be delivered via Wi-Fi if your car supports it, will bring the latest car software from Google and Apple to more Ford owners.
Google pulled back the curtain on both visible and behind-the-scenes improvements to its next mobile OS, Android O.
Emails spoofed to look like they're coming from DocuSign are attempting to trick recipients into opening attached Word documents that contains malware.
Google wants automakers to install a full copy of the Android OS—not just Android Auto—in their cars to control windows, air conditioning, and more.
The deal sees Twitch gain exclusive streaming rights to more than 20 Blizzard eSports events over the next two years. Twitch Prime members get special loot and deals.
Five organs-on-chips will make their way to the ISS and shed light on microgravity's effects on the human body.
It's the morning after a bunch of Uber news.
Lenovo's workstation is the size of a MacBook pro, but has NVIDIA pro graphics.
Former Epix Chief Digital Officer Emil Rensing has pleaded guilty to one count of wire fraud.
Is the storage full on your iOS device? Here's how to figure out what's taking up the most space so you can decide what to delete.
Star engineer Chris Lattner is leaving Tesla's Autopilot project less than six months after he was announced as its new leader.
An Epyc server can contain up to 4TB of memory and 128 lanes of PCIe, making it a worthy Intel Xeon competitor.
Hoping to attract more talented coders to the auto industry, Jaguar Land Rover is adding code breaking puzzles to the app of the virtual band Gorillaz.
The oft-requested feature is one of several intended to appease drivers. It'll also save riders from fumbling with their wallets.