Ransomware Disguised As An Android Battery Monitor App
I’ve been warning my readers away from Google Play for years, and at the end of January ZDNet reported on yet another reason to follow that advice: ransomware disguised as an Android battery monitor app was recently found on (and removed from) the Google Play app store.
Dubbed ‘Charger’ by cybersecurity researchers at Check Point, the zero-day mobile ransomware was found embedded in EnergyRescue, an app supposedly designed to enhance battery-life of phones and tablets. Charger was detected on the device of an employee at a CheckPoint customer, who had downloaded the malicious app from Google Play.
Once downloaded from the store, the app initially steals contact data and text messages from the device before asking the user for admin permissions, which if granted will run the ransomware, locking the device and displaying a note demanding payment.
Like many cybercriminals behind ransomware schemes, the malicious actors behind Charger demand a ransom in Bitcoin, asking for 0.2 Bitcoin — worth around $180 — in return for unlocking the device.
Click here to read the full article on ZDNet.
Why Blame Google Play?
While of course the maker of this malicious app carries the most responsibility for it, I also hold Google Play accountable because Google Play has never done a very good job of keeping malware out of its store. This ZDNet article from October of last year runs down 400 instances of malware-laden Google Play content. Their developer vetting process is virtually nonexistent, as is their customer support.
It says a lot for Amazon’s App Store that in all the years of its existence, there has never ONCE been a verified report of malware in an Amazon App Store app. There have been reports of adware, but that’s not the same thing. Adware means an app or program of limited value that seems to exist primarily to serve ads. Annoying, yes. But not malware. Malware is the stuff that puts your data and money at risk.
I’ve said it before and I’ll say it again: never get your apps from Google Play.
* * *
Ready to dress up your second generation Dot? Check out the Fintie Protective Case for Amazon Echo Dot (Fits All-New Echo Dot 2nd Generation Only) (UK visitors click here). Currently rated 4.5/5 stars and priced at $7.99 – $14.99, depending on color/pattern. Available in 12 color/pattern options in the US, 6 in the UK.
Advertisements make it possible for Digital Media Mom to bring you great content for free, so thanks for your support.
* * *