Last updated on February 10th, 2015
Every day hundreds of thousand Android users get hit by malware posing as games on Google Play, or warning- ” You are at risk”. Ignore these messages, you’re not safe.
These malwares are laced in Play-Store apps, when users open these apps on their device, a warning message blinks to warn them about non-existent infections, or that their devices are out of data or have serious security threats.
Victims are then asked to take action. If they agree, they are redirected to poisoned Web pages that contain malicious app stores, or malicious apps that try to send premium SMS messages, which are expensive, without the knowledge of the user. Sometimes, users were directed to legitimate companies’ websites, or even to some security apps on Google Play, but even if they install these security apps, the unwanted ads keep on popping up.
Although you must know, Google Play Store checks every app for malware, spyware and threats before publishing on Google Play. The scanning is done by Bouncer, a service Google implemented in 2012. Google can then disable developer apps and accounts if they violate its terms and content policies.
What Goes Wrong?
Google’s app scanning process may have missed the malware because they rely mostly on source code scanning analysis. Which means if there is any “time bomb” method used inside the app, Google will not disapprove it. ‘Time bomb’ is a method which after installation waits for a period of time, after which it downloads and executes the malware popping some “Alert message”.
What should you do?
1. Do not ever click on any warning popping onto your phone’s screen saying “Critical threats have been found”.
2. Do not download apps from outside the Google Play.
3. Do not try to download from unknown publisher. The app may contain malware.
4. Install some anti-virus software on your Android device.