They are anything but new, but security experts have just discovered them: three apps have been available in the Google Play Store for months that contain malicious code from a well-known cybercrime group. An app even cleverly eludes uninstallation.
Again three brazen pests in the PlayStore unnoticed for months
Once again, it is thanks to Trend Micro security experts that malware was discovered in the Google Play Store. As t3n currently reports, researchers have discovered three applications that connect to a known server and then transmit sensitive information. Accordingly, the apps collect information such as position data, camera information, but also screenshots of account data in order to then send them to the criminal backers. This also includes the ability to specifically intercept and transmit information from apps such as Twitter, Facebook, Gmail or Chrome. Android infographic: One platform, many versions of three applications are called Filecryptmanager, Callcam, and Camero. According to Trend Micro, an examination of the information in the corresponding app certificate provides an indication that the apps have been available in the app store for Android devices since March 2019. Of course, the following applies: If one of the apps has been installed, immediate deletion is strongly recommended. Callam tries to avoid de-installation by automatically hiding the app icon – only the way through the settings helps here. Google has now deleted the three applications.
Backers knew since 2012
Trend Micro claims to have found clear indications of the backers from whom the apps were discontinued during the investigation. Accordingly, the applications establish a connection to a server that can be clearly assigned to a known cybercrime group called Sidewinder. The criminal association first attracted attention in 2012 when it was linked to an attack on Windows computers of military targets in Pakistan.