Android fans are being warned after security experts found out that an app on the Google Play Store seems to be more than what they think.
Android is one of the most used operating system in the world, with more than two billion devices using the Google mobile OS each and every month. However Android users are used to getting security alerts, with some recent widespread threats being circulated via apps found on the Goole Play Store.
Researchers at mobile security firm Wandera are warning Android users about a Google Play Store app that was downloaded thousands of times.
The app in question is Scary Granny ZOMBYE Mod: The Horror Game 2019 which was downloaded over 50,000 times.
The Android app also appeared to be well reviewed, with a four out of five star aggregate user review score on the Google Play Store.
However, experts at Wandera discovered the app was actually stealing login credentials for Gmail and other Google services.
According to an online post by the security company: “Once installed, the app triggers a persistent phishing attack on the victim’s device.
“First, it displays a notification telling the user to update Google security services.
“When the user hits ‘update’, a fake Google login page is presented, which is very convincing other than the fact ‘sign in’ is spelled incorrectly.
“From here, the app tries to steal the victim’s Google username and password.”
The post went on to say that, unlike other malware-filled apps, it actually works and plays a fully functioning zombie game.
La Porta noted the app was patient, sometimes waiting for two days before malicious activity was installed.
The Wandera study also explained that the Scary Granny app displayed adverts on Android devices that were disguised as fake apps.
The apps it disguises to show these adverts included Facebook, Messenger, Instagram, Amazon, Pinterest and Snapchat.
“Our threat research team is continuing to investigate these ads.
“We have reason to believe they are trying to make the user download further malicious apps.
“In one example, the ad directs the user to a page which Google blocked, flagging it as being deceptive, which suggests it hosts malware or a phishing attack.”
In response to the Wandera research the Scary Granny ZOMBYE Mod: The Horror Game 2019 has since been removed from the Google Play Store.
Advising Android users on how to stay safe, Wandera said: “Despite the Google Play Store’s rigorous security checks, this app that has a shocking number of malicious functions has made it through.
“Perhaps by using time-released malicious behaviour, by using package names that closely resemble legitimate ones, and by being a fully functioning game, the game evaded suspicion and known red flags.
“What can you take away from this scary story? Always do your own security vetting and don’t blindly trust apps on the official app stores.”