Bitdefender antimalware researchers Csaba-Zsolt Juhos and Vlad Ilie thoroughly documented SndApps as a trojan malware family – but Google doesn’t see it their way.
The first instance of a SndApps adware trojan was discovered and described by a NCSU team with Assistant Professor Xuxian Jiang at the lead on July 4 this year and removed on July 17 by Google from the Android Market.
Yet, the applications have been returned and are still present in the Android Market, having underwent a few changes – such as the addition of “interesting” EULAs and encryption for the haul of data they make off with.
Apparently, that’s all it took for Google to re-instate them on the market.
This, for an app that takes the phone’s IMEI, the victim’s phone number and e-mail address, the network operator name and country code, encrypts the stolen information using AES/CBC and uploads it to a server controlled by the malware authors. This done, it proceeds to serve advertisements, in the form of notifications.
Not what you or I would call a legitimate app – yet the rigid rules set by Google make it possible for these programs to continue to be distributed, under the aegis of the Android Market.
tags
Razvan Stoica is a journalist turned teacher turned publicist and technology evangelist. Recruited by Bitdefender in 2004 to add zest to the company's online presence.
View all postsJune 08, 2023
May 02, 2023
January 11, 2023
January 05, 2023