Symantec: Google Play Home to Hundreds of Scam Apps


The security vendor known as Symantec has been focusing its attentions on the Google Play store recently, and what the security firm found was actually rather disturbing: The Google Play store was positively laden with scams and applications of questionable content, and though Google is being vigilant in terms of keeping said apps away from the buyers, there are simply so many that some are slipping through the tiny cracks in Google's undoubtedly robust defenses.

Symantec had been monitoring the Google Play store for the last seven months, where it found over 1,200 different suspicious applications in that time. Google, to its credit, removes many of these shortly after being published, but some can remain for as long as several days, according to reports.

What was particularly unusual, according to Symantec's Joji Hamada, was that despite the comparatively short life of such apps, there's little sign that the sheer numbers of such are dropping. More specifically, Hamada wrote “Although they have short lives, the apps must provide ample profit for the scammers as they show no signs of halting their development of new ones.”

Though it's difficult to spot a scam app, particularly since multiple tactics are used to attempt to get something out of users, the stakes are almost disturbingly high.

One such scam app tried to make users subscribe to an adult website at a rate of $3,200 per year, and all the app actually did was launch a link to the aforementioned adult website. But once the website is launched, the site asks users to register. When the registration is completed, an e-mail form is sent that contains a link to another website. The user then inputs a password, and the phone is given a number to call, which at the other end supplies a password along with registration details and a $3,200 registration fee is then noted, payable within three days.

But perhaps worst of all? According to Hamada, over 100 applications like that have hit Google Play since the beginning of the month.

How to stop such apps? That may be the real sticking point, Hamada describes, as there are so many manual steps required in the process that using automated checking methods really doesn't do much good. At that point, only human analysis can really pinpoint the biggest problems, and that's a process that takes a lot of time, effort, and resources. Even Google Play's basic setup, with a keyword-based search engine, allows some of these apps to work into the top keyword searches.

It's a difficult problem to work with. While Google Play generally catches many such issues before those apps can even hit the sales floor, catching all of them is a huge problem. Every one that gets through is making huge problems for the user base, and every user who has a problem with an app is a whole lot less likely to buy apps in the future. Yet, if Google Play were to manually check every app, the delay from submission to release would be huge. A lengthy amount of time without new apps would make the app store less valuable to some users, who might well leave for Apple or the like.

Just what Google Play can do here is unclear, and virtually every method looks to have some problems. But whatever the solution is, Google Play needs it, and as soon as possible, to help ensure that the current stock of users will stick around.

Edited by Blaise McNamee

Contributing TechZone360 Writer

Related Articles

Coding and Invention Made Fun

By: Special Guest    10/12/2018

SAM is a series of kits that integrates hardware and software with the Internet. Combining wireless building blocks composed of sensors and actors con…

Read More

Facebook Marketplace Now Leverages AI

By: Paula Bernier    10/3/2018

Artificial intelligence is changing the way businesses interact with customers. Facebook's announcement this week is just another example of how this …

Read More

Oct. 17 Webinar to Address Apache Spark Benefits, Tools

By: Paula Bernier    10/2/2018

In the upcoming webinar "Apache Spark: The New Enterprise Backbone for ETL, Batch and Real-time Streaming," industry experts will offer details on clo…

Read More

It's Black and White: Cybercriminals Are Spending 10x More Than Enterprises to Control, Disrupt and Steal

By: Cynthia S. Artin    9/26/2018

In a stunning new report by Carbon Black, "Hacking, Escalating Attacks and The Role of Threat Hunting" the company revealed that 92% of UK companies s…

Read More

6 Challenges of 5G, and the 9 Pillars of Assurance Strategy

By: Special Guest    9/17/2018

To make 5G possible, everything will change. The 5G network will involve new antennas and chipsets, new architectures, new KPIs, new vendors, cloud di…

Read More