Security researchers are reporting that malicious Android apps they have detected and reported to Google the first time, have slipped back into the Play Store after changing their name.
Seven of these apps have been “rediscovered,” said Symantec in a report published yesterday. The company’s experts say the author of the original malicious apps didn’t do anything special, but only changed the app’s names, without making modifications to the code, and re-uploaded the apps on the Play Store from a new developer account under a new name.
Symantec says it detected seven of these re-uploaded apps on the Play Store, which it re-reported to Google’s security team and had them taken down again.
The apps were promoted as emoji keyboard additions, space cleaners, calculators, app lockers, and call recorders. A list of these seven malicious apps is available in the image below, or in this text file.
The security researchers who analyzed these apps said none of these apps worked as promised, but instead focused on tricking the user into granting it admin rights, and then showing ads via Google Mobile Services, or loading scam sites in the user’s browser.
The revelation that malware authors can bypass Google’s Play Store defenses just by changing file and account names is disheartening, to say the least.
Second set of malicious apps discovered
But besides the seven apps re-uploaded to the Play Store, the same Symantec team also discovered another 38 malicious apps, different from the first, which also made it on Google’s official app store.
Experts say these malicious apps were focused on loading a blog’s URL in…