Symantec: Google Play Home to Hundreds of Scam Apps

By

The security vendor known as Symantec has been focusing its attentions on the Google Play store recently, and what the security firm found was actually rather disturbing: The Google Play store was positively laden with scams and applications of questionable content, and though Google is being vigilant in terms of keeping said apps away from the buyers, there are simply so many that some are slipping through the tiny cracks in Google's undoubtedly robust defenses.

Symantec had been monitoring the Google Play store for the last seven months, where it found over 1,200 different suspicious applications in that time. Google, to its credit, removes many of these shortly after being published, but some can remain for as long as several days, according to reports.

What was particularly unusual, according to Symantec's Joji Hamada, was that despite the comparatively short life of such apps, there's little sign that the sheer numbers of such are dropping. More specifically, Hamada wrote “Although they have short lives, the apps must provide ample profit for the scammers as they show no signs of halting their development of new ones.”


Though it's difficult to spot a scam app, particularly since multiple tactics are used to attempt to get something out of users, the stakes are almost disturbingly high.

One such scam app tried to make users subscribe to an adult website at a rate of $3,200 per year, and all the app actually did was launch a link to the aforementioned adult website. But once the website is launched, the site asks users to register. When the registration is completed, an e-mail form is sent that contains a link to another website. The user then inputs a password, and the phone is given a number to call, which at the other end supplies a password along with registration details and a $3,200 registration fee is then noted, payable within three days.

But perhaps worst of all? According to Hamada, over 100 applications like that have hit Google Play since the beginning of the month.

How to stop such apps? That may be the real sticking point, Hamada describes, as there are so many manual steps required in the process that using automated checking methods really doesn't do much good. At that point, only human analysis can really pinpoint the biggest problems, and that's a process that takes a lot of time, effort, and resources. Even Google Play's basic setup, with a keyword-based search engine, allows some of these apps to work into the top keyword searches.

It's a difficult problem to work with. While Google Play generally catches many such issues before those apps can even hit the sales floor, catching all of them is a huge problem. Every one that gets through is making huge problems for the user base, and every user who has a problem with an app is a whole lot less likely to buy apps in the future. Yet, if Google Play were to manually check every app, the delay from submission to release would be huge. A lengthy amount of time without new apps would make the app store less valuable to some users, who might well leave for Apple or the like.

Just what Google Play can do here is unclear, and virtually every method looks to have some problems. But whatever the solution is, Google Play needs it, and as soon as possible, to help ensure that the current stock of users will stick around.




Edited by Blaise McNamee
Get stories like this delivered straight to your inbox. [Free eNews Subscription]

Contributing TechZone360 Writer

SHARE THIS ARTICLE
Related Articles

Can Science Outsmart Deepfake Deceivers? Klick Labs Proposes an Emerging Solution

By: Alex Passett    3/25/2024

Researchers at Klick Labs were able to identify audio deepfakes from authentic audio recordings via new vocal biomarker technology (alongside AI model…

Read More

Top 5 Best Ways to Integrate Technology for Successful Project-Based Learning

By: Contributing Writer    3/19/2024

Project-based learning, also popularly known as the PBL curriculum, emphasizes using and integrating technology with classroom teaching. This approach…

Read More

How to Protect Your Website From LDAP Injection Attacks

By: Contributing Writer    3/12/2024

Prevent LDAP injection attacks with regular testing, limiting access privileges, sanitizing user input, and applying the proper encoding functions.

Read More

Azure Cost Optimization: 5 Things You Can Do to Save on Azure

By: Contributing Writer    3/7/2024

Azure cost optimization is the process of managing and reducing the overall cost of using Azure. It involves understanding the resources you're using,…

Read More

Massive Meta Apps and Services Outage Impacts Users Worldwide

By: Alex Passett    3/5/2024

Meta's suite of apps and services are experiencing major global outages on Super Tuesday 2024.

Read More