![google play store app menu google play store app menu](https://storage.googleapis.com/support-forums-api/attachment/thread-111073708-2070978456463235252.jpg)
- #Google play store app menu for android#
- #Google play store app menu android#
- #Google play store app menu software#
- #Google play store app menu code#
- #Google play store app menu download#
The nonprofit Security Without Borders found last year that one hacking contractor was hiding Android spy tools in Google Play on behalf of the Italian government. PhantomLance would hardly be the first instance of state-sponsored hackers abusing Google Play to distribute their spy tools.
![google play store app menu google play store app menu](https://img.gadgethacks.com/img/11/02/63589951688385/0/5-things-you-can-do-play-store-you-didnt-know-about.w1456.jpg)
The apps shared characteristics with Android malware that Chinese security firm Antiy Labs found in an unofficial Vietnamese app store in 2014, for instance, and the spyware's command-and-control domains overlapped with desktop-targeted OceanLotus malware identified previously by security firms Trend Micro, ESET, and Palo Alto Networks.
#Google play store app menu code#
Once Kaspersky had identified the PhantomLance apps, its researchers were able to match their code with older malware used by OceanLotus, which has been active since at least 2013.
#Google play store app menu software#
In total, Firsh says, Kaspersky's antivirus software detected the malicious apps attempting to infect around 300 of its customers phones. In every case, Firsh says, the hackers had created a new account and even Github repositories for spoofed developers to make the apps appear legitimate and hide their tracks.
![google play store app menu google play store app menu](http://3.bp.blogspot.com/-EGfPyERFXrQ/VlWX2hfWAGI/AAAAAAAAEts/y1qqgYcWjZo/s1600/google-play-app-options.jpg)
Those apps appeared to have a Vietnamese focus, offering tools for finding nearby churches in Vietnam and Vietnamese-language news. Kaspersky went on to find tens of other, similar spyware apps dating back to 2015 that Google had already removed from its Play Store, but which were still visible in archived mirrors of the app repository. "It could extend its features significantly."
#Google play store app menu download#
"What's important is the ability to download new malicious payloads," he says. (Google removed both malicious apps from Google Play after they were reported.) While the espionage capabilities of those apps was fairly basic, Firsh says that they both could have expanded. Kaspersky's researchers found a similar spyware app, impersonating a browser cache-cleaning tool called Browser Turbo, still active in Google Play in November of that year. Web found a sample of spyware in Google's app store that impersonated a downloader of graphic design software but in fact had the capability to steal contacts, call logs, and text messages from Android phones. The first hints of PhantomLance's campaign focusing on Google Play came to light in July of last year. FireEye also recently spotted the group targeting China's Ministry of Emergency Management as well as the government of the Chinese province of Wuhan, apparently searching for information related to Covid-19. Security firm FireEye, for instance, has linked OceanLotus to previous operations that targeted Vietnamese dissidents and bloggers. That suggests the PhantomLance campaign likely mixed spying on Vietnam's Southeast Asian neighbors with domestic surveillance of Vietnamese citizens. Kaspersky says it has tied the PhantomLance campaign to the hacker group OceanLotus, also known as APT32, widely believed to be working on behalf of the Vietnamese government. "You can deliver a link to this app, and the victim will trust it because it’s Google Play." "In this case, the attackers used Google Play as a trusted source," says Kaspersky researcher Alexey Firsh. Unlike most of the shady apps found in Play Store malware, Kaspersky's researchers say, PhantomLance's hackers apparently smuggled in data-stealing apps with the aim of infecting only some hundreds of users the spy campaign likely sent links to the malicious apps to those targets via phishing emails. Now security researchers have found what appears to be a more rare form of Android abuse: state-sponsored spies who repeatedly slipped their targeted hacking tools into the Play Store and onto victims' phones.Īt a remote virtual version of its annual Security Analyst Summit, researchers from the Russian security firm Kaspersky today plan to present research about a hacking campaign they call PhantomLance, in which spies hid malware in the Play Store to target users in Vietnam, Bangladesh, Indonesia, and India. Shady adware and even banking trojans have managed over the years to repeatedly defy Google's security checks.
#Google play store app menu for android#
Google's Play Store for Android apps has never had a reputation for the strictest protections from malware.