Google warn users against Play Store apps capable of "billing fraud"

Google has issued an important warning, with Android smartphone users the main target of a new string of Google Play Store apps capable of "large-scale billing fraud".

This family of apps have been nicknamed 'Bread' (also known as Joker), which Google says it has been tracking as far back as early 2017.

The tech giant say that these apps have been designed solely for SMS fraud , which is one of three types of billing fraud classified by the company.

Generally speaking, these apps are designed to automatically charge the user in an intentionally deceptive way.

In total, Google say they have identified a total of 1,700 unique Bread apps which were subsequently removed from the Google Play Store.

As Google explain, it's not just the tracking of these apps that proves difficult, but also the ways and means the apps have gone to, in order to avoid detection.

"As the Play Store has introduced new policies and Google Play Protect has scaled defenses, Bread apps were forced to continually iterate to search for gaps.

"They have at some point used just about every cloaking and obfuscation technique under the sun in an attempt to go undetected.

"Many of these samples appear to be designed specifically to attempt to slip into the Play Store undetected and are not seen elsewhere."

  • Windows 10 Upgrade: Download today before Windows 7 stops working

  • If Batman on PS5 and Xbox Series X looks like this, it'll be worth the wait

The blogpost by Google goes on to call these Google Play Store apps "a well organized, persistent attacker" and clearly something everyday users should be wary of when downloading or using any app on their smartphone.

And whilst Google may have stopped 1700 apps so far, it doesn't sound as though there will be any let up from these malicious apps anytime soon.

"Sheer volume appears to be the preferred approach for Bread developers. At different times, we have seen three or more active variants using different approaches or targeting different carriers. Within each variant, the malicious code present in each sample may look nearly identical with only one evasion technique changed.

"At peak times of activity, we have seen up to 23 different apps from this family submitted to Play in one day. At other times, Bread appears to abandon hope of making a variant successful and we see a gap of a week or longer before the next variant. This family showcases the amount of resources that malware authors now have to expend. Google Play Protect is constantly updating detection engines and warning users of malicious apps installed on their device."

Despite Google's best efforts, 9to5google suggests that back in September, 24 (now removed) apps still managed to amass 500,000 downloads.

So the work is far from over.

  • Is Fortnite shutting down? 2020 Epic Games Server shutdown rumours explained

  • Is PSX 2020 happening? Will PlayStation Experience return with PS5 as the focus?

The last significant update to have exposed these 'Joker' malware apps occurred back in September by cybersecurity firm CSIS Security Group .

"The research shows that the “Joker” malware within these infected apps was able to secretly sign people up to premium subscription services, steal SMS messages, contacts, and even nab key device information such as the serial and IMEI numbers." 9to5google explained.

Whilst we hope that these apps have all largely been removed from users phones, to be sure, make sure your smartphone no longer has any of the below apps downloaded. And if you do, delete them asap.

The full list of apps flagged by CSIS can be found below:

  • Advocate Wallpaper
  • Age Face
  • Altar Message
  • Antivirus Security — Security Scan
  • Beach Camera
  • Board picture editing
  • Certain Wallpaper
  • Climate SMS
  • Collate Face Scanner
  • Cute Camera
  • Dazzle Wallpaper
  • Declare Message
  • Display Camera
  • Great VPN
  • Humour Camera
  • Ignite Clean
  • Leaf Face Scanner
  • Mini Camera
  • Print Plant scan
  • Rapid Face Scanner
  • Reward Clean
  • Ruddy SMS
  • Soby Camera
  • Spark Wallpaper

Equally if you think you might be safe from any of the above, the report at the time stated that this malware-infected apps would only attacks those in selected countries.

Unfortunately, United Kingdom is one of these 37 targeted countries, along with: Australia, Austria, Belgium, Brazil, China, Cyprus, Egypt, France, Germany, Ghana, Greece, Honduras, India, Indonesia, Ireland, Italy, Kuwait, Malaysia, Myanmar, Netherlands, Norway, Poland, Portugal, Qatar, Republic of Argentina, Serbia, Singapore, Slovenia, Spain, Sweden, Switzerland, Thailand, Turkey, Ukraine, United Arab Emirates, and United States.

Read More

Latest Games News

  • Destiny 2 Devil's Ruin Quest Steps
  • GTA 5 adds amazing Vice City update
  • Call of Duty Modern Warfare Next Update
  • Destiny 2: Bungie talk 2020 plans
  • PUBG Mobile Season 11 Release Confirmed
  • ​​Red Dead Online Arrowhead Locations
  • Is Minecraft shutting down in 2020?
  • PewDiePie net worth for 2019 uncovered

Source: Read Full Article