There’s a new trojan malware mimicking the Google Play Store
The app, uncovered by digital security investigators Cisco Talos is dubbed ‘GPlayed’, and presents itself as the Google Play Store to trick unsuspecting users into downloading and using it. Once installed and in use, GPlayed steals bank details and location information from the user’s phone. In addition it can transfer code between desktop and mobile platforms, meaning any connected computers are at risk too.
Like a Trojan file, a Trojan app pretends to be a legitimate app but instead installs malware and/or steals personal information. Previous examples include Skygofree, which described itself as an update to improve mobile internet speed but actually read your WhatsApp messages.
It’s unlikely this app will become available on the real Google Play Store; instead, it capitalises on the trend of mobile developers skirting the Play Store and App Store to release their apps through their own websites. This means unsuspecting users could download it, without the stringent protections of the Google Play Store to inform them that apps contain malware.
With online service providers constantly stepping up their game in terms of cyber security, criminals are likewise forced to find increasingly malicious ways to skirt the authorities. Be sure to make sure everything you download is legitimate, to ensure you don’t become a victim of Trojan apps too.