Stories
Slash Boxes
Comments

SoylentNews is people

posted by martyb on Tuesday August 01 2017, @02:24AM   Printer-friendly
from the here's-looking-at-^W^W-watching-you,-kid dept.

Google has expelled 20 Android apps from its Play marketplace after finding they contained code for monitoring and extracting users' e-mail, text messages, locations, voice calls, and other sensitive data.

The apps, which made their way onto about 100 phones, exploited known vulnerabilities to "root" devices running older versions of Android. Root status allowed the apps to bypass security protections built into the mobile operating system. As a result, the apps were capable of surreptitiously accessing sensitive data stored, sent, or received by at least a dozen other apps, including Gmail, Hangouts, LinkedIn, and Messenger. The now-ejected apps also collected messages sent and received by Whatsapp, Telegram, and Viber, which all encrypt data in an attempt to make it harder for attackers to intercept messages while in transit.

To conceal their surveillance capabilities, the apps posed as utilities for cleaning unwanted files or backing up data. Google said the apps contained evidence that they were developed by a cyber arms company called Equus Technologies. In April, Google officials warned of a different family of Android surveillance apps developed by a different provider of intercept tools called NSO Group Technologies. Those apps were related to the advanced iOS spyware known as Pegasus, which was used against a political dissident located in the United Arab Emirates. In that case, however, the Pegasus-related Android apps never made their way into Google Play.

Source: https://arstechnica.com/information-technology/2017/07/stealthy-google-play-apps-recorded-calls-and-stole-e-mails-and-texts/


Original Submission

 
This discussion has been archived. No new comments can be posted.
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
  • (Score: 0) by Anonymous Coward on Wednesday August 02 2017, @04:21AM

    by Anonymous Coward on Wednesday August 02 2017, @04:21AM (#547839)

    You can ignore those, they're probably from MDC.