Android operating system always faces one form of malware attack or the other, probably because it’s one of the most use operating system in the world.
Security experts discovered an app in Google play store that secretly high jack your Google gmail login details. The app has been downloaded more than 50,000 times on plays store called Scary Granny ZOMBYE Mod: The Horror Game 2019.
Researchers at mobile security firm Wandera are warning Android users about this specific app. The Android app also appeared to be well reviewed, with a four out of five star aggregate user review score on the Google Play Store.
However, experts at Wandera discovered the app was actually stealing login credentials for Gmail and other Google services.
According to the security firm, once the app is installed, it triggers a persistent phishing attack on the victim’s device.
“First, it displays a notification telling the user to update Google security services.
“When the user hits ‘update’, a fake Google login page is presented, which is very convincing other than the fact ‘sign in’ is spelled incorrectly.
“From here, the app tries to steal the victim’s Google username and password.”
Unlike other malware-filled apps, it actually works and plays a fully functioning zombie game. The app don’t immediately triggers the phishing attack but wait for like two days before malicious activity get installed.
The Wandera study also explained that the Scary Granny app displayed adverts on Android devices that were disguised as fake apps.
The apps it mimicked to show these adverts included Facebook, Instagram, Amazon and Snapchat.
“We have reason to believe they are trying to make the user download further malicious apps.
“In one example, the ad directs the user to a page which Google blocked, flagging it as being deceptive, which suggests it hosts malware or a phishing attack.”
Though the malicious app has been removed from Google Play store but Android users are advised to fully take precaution of apps they download from Google store.