There’s a new trojan malware mimicking the Google Play Store

Tom Bedford October 15, 2018

A recently discovered piece of Trojan malware is disguising itself as the Google Play Store.

There’s a new trojan malware mimicking the Google Play Store

The app, uncovered by digital security investigators Cisco Talos is dubbed ‘GPlayed’, and presents itself as the Google Play Store to trick unsuspecting users into downloading and using it. Once installed and in use, GPlayed steals bank details and location information from the user’s phone. In addition it can transfer code between desktop and mobile platforms, meaning any connected computers are at risk too.

Like a Trojan file, a Trojan app pretends to be a legitimate app but instead installs malware and/or steals personal information. Previous examples include Skygofree, which described itself as an update to improve mobile internet speed but actually read your WhatsApp messages.

It’s unlikely this app will become available on the real Google Play Store; instead, it capitalises on the trend of mobile developers skirting the Play Store and App Store to release their apps through their own websites. This means unsuspecting users could download it, without the stringent protections of the Google Play Store to inform them that apps contain malware.

Both the Amazon app store and popular game Fortnite have been released on mobile devices through website browsers instead of app stores, setting the precedent for more developers to do so.

With online service providers constantly stepping up their game in terms of cyber security, criminals are likewise forced to find increasingly malicious ways to skirt the authorities. Be sure to make sure everything you download is legitimate, to ensure you don’t become a victim of Trojan apps too.