How a dangerous piece of Android malware snuck into the Google Play store

Yoni Heisler

18 January 2019 at 11:07 pm

Security researchers from Trend Micro recently unearthed a piece of Android malware known as Anibus that managed to sneak into the Google Play Store with a little bit of creativity. The malware in question was found on two separate apps, though neither of them were widely downloaded.

The way the apps managed to get on the Google Play Store is actually quite clever. In an effort to evade detection from emulators designed to detect behavior associated with malware, the malicious apps were uploaded to the Google Play Store but remained dormant unless motion was detected. Once motion was detected, the payload would spring into action.

Don't Miss: This $18 accessory brings the best thing about the Fire TV Stick to your Apple TV

This is incredibly shrewd, with Trend Micro noting:

The malware developer is assuming that the sandbox for scanning malware is an emulator with no motion sensors, and as such will not create that type of data. If that is the case, the developer can determine if the app is running in a sandbox environment by simply checking for sensor data.

The two apps found to contain the malware were masquerading as helpful utility apps, with one being a currency converter app and the other a battery monitoring tool. Both apps had scores of positive reviews, though it stands to reason that the vast majority of these reviews were fake.

The good news is that Google eventually unearthed the apps before they got too popular. The battery app, for example, was only downloaded 5,000 times before Google got wise and pulled the plug.

As for the malware in question, well, it’s particularly nasty. When activated, users are presented with a seemingly legitimate overlay of a banking splash page and are asked to enter in their credentials. All the while, the keystrokes are being logged. Trend Micro adds that Anibus can also steal sensitive credentials and user information by stealthily taking a snapshot of a user’s screen.

Trend Micro has a lot more detail on how the malware operates over here.

BGR Top Deals:

Trending Right Now:

See the original version of this article on BGR.com

The Telegraph
‘Mother found out about son’s affair with teacher after spotting love bite’
A mother found out about son’s affair with his teacher after spotting a love bite on his neck, a court has heard.
SETHLUI.COM
We tried Singapore’s best-rated Wanton Mee
The post We tried Singapore’s best-rated Wanton Mee appeared first on SETHLUI.com.
Storyful
Passenger Bus Crashes Into Saint Petersburg River
A bus crashed off a bridge and into the Moyka River in Saint Petersburg, Russia, on Friday, May 10, with local police saying around 20 people were on board.Local media reported that at least five people died, with four “seriously injured”. These figures had not been officially confirmed.The city’s governor, Alexander Beglov, said emergency services from various departments were on the scene.Local police said the circumstances that led to the bus being driven into the river were still being determined.This security footage shows the bus driving along the side of a building, swerving to hit a car, and then crashing into the river. Credit: Russian Ministry of Internal Affairs via Storyful
CNN
Elle Fanning’s naked dress has a long history
To some, arriving at an important event naked is the stuff of nightmares. For others, it’s a meticulously planned reality.
France 24
Zelensky fires bodyguard chief over foiled assassination plot
Ukrainian President Volodymyr Zelensky on Thursday fired the head of the department responsible for his personal protection after two of its officers were detained this week over an alleged assassination plot. Zelensky published a decree to "dismiss Sergiy Leonidovich Rud from the post of head of the State Protection Department of Ukraine".It did not state a reason for Rud's removal or name a replacement to the highly sensitive position.The announcement came after Ukraine's SBU security service
Evening Standard
David Moyes lands first new role following confirmation of West Ham departure
Julen Lopetegui expected to be appointed as successor in east London
Cosmopolitan
A Photo of Pedro Pascal and Dakota Johnson Kissing Passionately on the Street Has Gone Viral
A new photo of Pedro Pascal and Dakota Johnson kissing has gone viral on the internet, but this isn't a sign of new love.
The Daily Beast
Israeli Envoy’s Paper Shredder Stunt Falls Flat at U.N. Vote
AFP via Getty ImagesIsraeli Ambassador to the United Nations Gilad Erdan pulled out a paper shredder at the podium of the General Assembly on Friday and shredded a copy of the U.N. Charter to protest a resolution in support of Palestinian membership. “Today I will hold up a mirror for you,” he said, shortly before the general assembly overwhelmingly voted to back Palestinian membership. “This is your mirror. So that you can see exactly what you are inflicting upon the U.N. Charter with this dest
SETHLUI.COM
11 best rice dumplings you must indulge in Singapore this Dragon Boat Festival 2024
The post 11 best rice dumplings you must indulge in Singapore this Dragon Boat Festival 2024 appeared first on SETHLUI.com.
KameraOne
Angry customer throws hot coffee at waitress in New York
A shocking scene unfolded at a Thai restaurant in Brooklyn, New York, on April 29, when an angry customer threw a cup of hot coffee at a waitress. Security footage captured the irate woman yelling at the waitress for allegedly throwing a menu at her, before furiously hurling a cup of scolding hot coffee at her face. Police are investigating the assault.
CBC
Son accused of dismembering mother in Toronto testifies in trial
A man accused of brutally stabbing and dismembering his mother in an east-end condo before leaving her remains in garbage bags on the street told a Toronto jury that while he came from an abusive home, he never intended to kill his mother.
Cosmopolitan
The Actual Reason King Charles Won't See Prince Harry Has Everything to Do With Queen Camilla, Per Sources
The real reason King Charles won't see Prince Harry during his trip to England has been revealed by sources.
INSIDER
Russia's jamming of American weapons in Ukraine is showing the US what it needs to be ready for in a future fight
Russia keeps jamming US precision weapons in Ukraine, showing the US a problem it needs to solve before its next big fight.
INSIDER
He left his desk job in the US to run a food stall in Hong Kong. He earns more now — but plans to walk away from it soon.
Hong Kong's dai pai dong food stalls are facing extinction. The remaining licenses are only transferrable to family members.
The Smart Investor
4 Singapore Stocks Poised to Pay Out Higher Dividends
These four companies could be on the cusp of paying out more dividends. The post 4 Singapore Stocks Poised to Pay Out Higher Dividends appeared first on The Smart Investor.
SETHLUI.COM
S$9 Hotpot with free-flow Lu Rou Fan & DIY Ice Dessert at famous Chinese hotpot chain
The post S$9 Hotpot with free-flow Lu Rou Fan & DIY Ice Dessert at famous Chinese hotpot chain appeared first on SETHLUI.com.
The Telegraph
Why Earl Spencer will never give up on Prince Harry
When the Duke of Sussex flew back to Britain for the 10th anniversary of the Invictus Games, the narrative was more or less set before he arrived.
The Independent
Ten-year-old boy charged over Italian tourist’s sexual assault in Australia
Italian woman, 24, suffers bruising and scratches on head and face from alleged assault
Sky News
Russia Victory Day parade: Only one tank on display as Vladimir Putin says country is going through 'difficult period'
Russia only had one tank on display during its Victory Day parade this year. Every year, Moscow wraps itself in patriotic pageantry for Victory Day, a celebration of its victory over Nazi Germany in the Second World War. Today marks the 79th anniversary and Mr Putin addressed the parade in the Red Square, talking up his country's military capabilities in a speech aimed as much at a foreign audience as a domestic one.
The Telegraph
Inside Manchester United’s axis of power and how Erik ten Hag’s fate will be sealed
Sir Jim Ratcliffe, it is fair to say, is not afraid of voicing an opinion. A number of Ineos executives involved at his Ligue 1 club Nice had a WhatsApp group and, on occasion, Ratcliffe would not be shy about sharing his bemusement, for example, about an interim manager’s left-field team selections.

Latest stories