Author Topic: Fake Yandex Voice Assistant App Found In Google Play  (Read 217 times)

Online javajolt

  • Administrator
  • Hero Member
  • *****
  • Posts: 35125
  • Gender: Male
  • I Do Windows
    • windows10newsinfo.com
Fake Yandex Voice Assistant App Found In Google Play
« on: September 04, 2018, 02:16:06 AM »
Malicious developers hoping to catch more victims pushed to Google Play a fake client for Yandex's voice assistant, Alisa, security researchers discovered in August.

Google is quick to react when it comes to fraudulent apps distributed through its store. Sometimes the malicious content is removed the same day it was added to Google Play, but it looks like this is a constant, cat and mouse game.

In August, researchers from Russian security outfit Dr. Web reported over 100 malicious apps in Android's marketplace. Some of them masqueraded as legitimate apps to mask their duplicitous nature.

The scammers used Alisa, the virtual assistant from Yandex, to attract a larger number of victims, to peddle a Trojan that subscribes users to premium services behind their backs.

The malware opens a phishing site and offers the user a reward, asking for their phone number to receive a confirmation code. The code is not for confirming eligibility for the reward, but for completing a subscription to a premium service, which activates the moment the user connects to the internet.

Malware has a wider range of capabilities

Trojan, detected as Android.Click.248.origin, included in the fake Alisa app is regularly pushed in fake versions of popular apps, such as Viber and AliExpress online store.

Malware from the Android. Click family can also run commands from a command and control (C2) server to download arbitrary web resources that could compromise the victim's phone.

Dr. Web researchers discovered 127 fraudulent apps in Google Play, from 44 developers. A company representative told BleepingComputer that although Google moves quickly to clean the store, some can record over 1,000 downloads.

It is unclear how many victims fell for the fake Alisa app, but the number of downloads recorded by all 127 fraudulent apps discovered by Dr. Web amounted to about 10,000.

Responding to the inquiry about the malicious apps in Google Play, a company spokesperson stated the following for BleepingComputer:

"All apps on Google Play are required to follow our developer policies. While we don’t comment on specific apps, we remove applications that violate our policies, such as those that are illegal or that promote hate speech. If users come across any apps that are in violation of our developer policies, we encourage them to report it to our support team."

source
« Last Edit: September 04, 2018, 09:06:26 AM by riso »