Researchers from security specialist Pradeo have discovered four new malicious apps in the Google Play Store. The applications, which are now installed on more than 100,000 Android smartphones, allow attackers to scam users, intercept passwords and install additional dangerous apps.
The apps in question are Smart SMS Messages (version 1.3.2), Blood Pressure Monitor (1.3.238), Voice Languages Translator (2.0), and Quick Text SMS (2.0). All four applications have since been banned from the Google Play Store, but for tens of thousands of users the intervention came too late. Anyone who has installed one of the apps on their smartphone or tablet should remove it without delay, according to the Pradeo researchers.
The applications contain a mix of Joker and Dropper malware variants. These variants specialize in subscribing users, without their consent or knowledge, to paid services such as premium text messaging services and phone numbers. The malware is very difficult to detect and has made its way into thousands of apps over the past three years.
The Smart SMS Messages and Blood Pressure Monitor applications go one step further and can also make in-app purchases on their own. By intercepting one-time passwords, they covertly circumvent two-factor authentication (2FA). Smart SMS Messages does this by reading text messages and taking screenshots without the user noticing; Blood Pressure Monitor intercepts the content of notifications.
Users usually notice that they have been the victim of a scam only when they receive a hefty telecom bill a few weeks later.