PhantomLance spying campaign breaches Google Play Store

Disclaimer: Every news/article published at Hacking Scams™ is not for hacking purposes. It is to promote awareness and to secure cyberspace. We never promote hacking through our articles. If you find anything inappropriate as similar to hacking, report us here.

PhantomLance spying campaign breaches Google Play Store

PhantomLance spying campaign breaches Google Play Store

The modern age of technology of which smartphones own a significant percentage has made lives facile. Yet it has opened a lot of vulnerabilities for exploiters to cause damage to people using it. Although almost all the biggest tech-giants assure you that they provide the best security and protection against malware and spyware, nothing is perfect in this world. As every lock can be opened, everything can be hacked; you need to find the ideal loophole to do so.

One of the biggest conglomerates in the world, Google has not always been on good terms when it comes to protecting users from malware. Android, the operating system which rules over 87 percent of the entire smartphone industry is more vulnerable to malware than you think. Although Google claims that it is one of the secure platforms, reports tell a different story.

Last year Russian security firm Dr Web also found spyware application in the Google Play Store, which was a graphic design app. Still, it could steal vital information like contacts, call log, text message, etc. from the Android Smartphone.

How it came out?

The story broke out when security firm Kaspersky Labs, PhantomLance spying campaign breaches Google Play Store in which they hid malware in the Play Store to target users in countries like Vietnam, Bangladesh, Indonesia, and India. All the tests were performed under controlled circumstances, and only about 100 users were targeted. Their primary method of convincing people to download those apps was by sending them emails that had a link to those malicious apps. The links were usually of Google Play, so many people trusted the authenticity of the email and downloaded the apps from those links. 

The team mainly targeted apps that were meant to thieve the user’s information and exploit their privacy. Most of the apps which thieve user data thieve things like contacts, call logs, and messages. Hackers can use these to their advantage and can thieve a lot of things like bank OTP etc. It doesn’t end here. The team claimed that more damage could be done. According to them, the attacker can get root privileges on the device and can monitor and control everything on the victim’s smartphone. It includes things like photos, media, and credit/debit card credentials, causing massive damage to the victim.

Does android smartphone is more vulnerable to malware than being secure?

How can it be exploited on the Play Store and how you can be safe?

Usually, the malicious apps which are intended to thieve data and cause damage do not contain malicious code when they are on play store. The real game kicks in when the user downloads the app from the play store. After downloading, hackers insert the malicious code via an unofficial update that does not go through google, hence not verified and checked. So you as a user must be aware of which apps you are downloading and must verify the developer’s authenticity.

Moreover, Google’s Play Protect service on the play store can help you with that. You can check the security status of any app by following these steps.

· Open google play store on your device

· Tap menu and then click on Play Protect.

· Look for information about the status of your device.

Also, you must turn on Improve harmful app detection option in Play protect settings so that unknown apps on your device are sent to Google and it verifies them. Your safety is on your own, so be smart and be safe.

Read Previous & Related News:

Subscribe to Hacking Scams

    

Like us on Facebook


  • Facebook(0)
  • Google Plus(0)
  • Disqus(0)