• Hacking News
    • Leaks
    • WikiLeaks
    • Anonymous
  • Tech
    • Android
    • Apple News
    • BlackBerry
    • Google News
    • Microsoft
    • Motorola
    • Nokia
    • Samsung
    • 3D
  • Cyber Crime
    • Phishing Scam
  • How To
  • Cyber Events
    • Censorship
    • Cyber Attacks
  • Security
    • Malware
  • Surveillance
    • Drones
    • NSA
    • Privacy
  • Explore
    • Gaming
    • Science
    • Viral
HackRead
  • April 11th, 2021
  • Home
  • Advertise
  • Privacy Policy
  • Contact Us
HackRead
  • Hacking News
    • Leaks
    • WikiLeaks
    • Anonymous
  • Tech
    • Android
    • Apple News
    • BlackBerry
    • Google News
    • Microsoft
    • Motorola
    • Nokia
    • Samsung
    • 3D
  • Cyber Crime
    • Phishing Scam
  • How To
  • Cyber Events
    • Censorship
    • Cyber Attacks
  • Security
    • Malware
  • Surveillance
    • Drones
    • NSA
    • Privacy
  • Explore
    • Gaming
    • Science
    • Viral
  • Follow us
    • Facebook
    • Twitter
    • Linkedin
    • Youtube
Home
Hacking News
News

Android Users Beware: Verified Apps on Play Store can Spread MKero malware

September 11th, 2015 Ryan De Souza Android, Malware, News 0 comments
Android Users Beware: Verified Apps on Play Store can Spread MKero malware
Share on FacebookShare on Twitter

If you think that all the Android apps currently available on the legitimate Google Play Store are reliable and free-of-malware, then you are wrong.

Developers of MKero Malware, which was firstly identified in 2014, have altered their apps’ packing in such a manner that it easily and successfully passes through Google Bouncer, the vetting system of Google Play Store.

[must url=”https://www.hackread.com/android-malware-development-17-sec/”]Hackers Develop Android Malware Every 17 Seconds[/must]

Android Users Beware- Even Verified Apps on Play Store can Spread MKero malware

Android Users Beware- Even Verified Apps on Play Store can Spread MKero malware

MKero malware is CAPTCHA-evading software that can defraud its victims, claims senior e-threat analyst at BitDefender, Liviu Arsene.

Arsene stated that at least seven apps available on Google Play Store contain MKero malware because its creators found out the requirements of Google Bouncer for accepting apps.

It must be noted that the automated vetting system accepts applications according to a pre-set criteria.

According to Arsene,

“The developer kept submitting the code to [Google Bouncer] and it wasn’t picked up.”

Arsene also added that the apps’ code is the primary location where the entire malicious activity is conserved and obscured. As soon as the app makes it to the Play Store, the creators start pushing its updates.

How MKero Works?

The malware kicks itself into action soon after a user downloads and installs an apparently benign gaming application. MKero then introduces a premium SMS subscription service website into the device. This website contains CAPTCHA, which is then extracted by MKero and sent over to Antigate. Antigate is a firm that promises CAPTCHA image verification and its real-time translation.

When the verification is received back, MKero malware effectively signs up the victim for the service by entering on the SMS subscription website. Usually, the cost of such subscriptions is around 50cents/month.

50cents sound like peanuts, but Arsene pointed out that this amount often goes undetected in your monthly mobile bills. Now, when an app has been downloaded and installed hundreds of thousands of times, this meager amount becomes worthwhile for the creators of such apps. For instance, if the app has 50,000 installs, then the perpetrators actually would be raking in $250,000/month only by operating on a referral bonus from the SMS subscription provider.

[must url=”https://www.hackread.com/android-ransomware-pornography-app/”]Android Ransomware Hidden Behind Fake Pornography App[/must]

These premium text notification, obviously, aren’t ever received or acknowledged by the victim since the malware operates under administrator privileges and easily blocks SMS service notifications.

However, the app does need permission before being downloaded, therefore, reiterates Arsene, the significance of checking out and reading the permission page is paramount.

“Definitely always go through permissions. It doesn’t matter if you download through Google Play,” said Arsene.

[q]Android is the most vulnerable OS[/q]

According to sources at BitDefender, one of the developers known as Like Gaming, has published more than one applications containing this malware. However, the developer didn’t include the malware in all of the versions.

This is not the first time when a malware embedded Android app made it to Google Play store. In the past, a Fake BatteryBot Pro app was available on the store developed with the intention to hack users’ device.

[src src=”source” url=”http://www.hotforsecurity.com/blog/sophisticated-capcha-bypassing-malware-found-in-google-play-according-to-bitdefender-researchers-12616.html”]BitDefender[/src]

  • Tags
  • Android
  • Google Bouncer
  • Google Play
  • Malware
  • MKero
  • security
  • Smartphones
Facebook Twitter LinkedIn Pinterest
Previous article Windows 10 Spying Controversy—Canadian Authorities Start Investigation
Next article Microsoft is Force-Downloading Windows 10 on Windows 7 and 8 Machines
Ryan De Souza

Ryan De Souza

Ryan is a London-based member of the HackRead's Editorial team. A graduate of Maths and physics with a passion for geopolitics and human rights. Ryan places integrity at the pinnacle of successful journalism and believes this is somewhat lacking in traditional media. Ryan is an educator who balances his time between family, social activism and humanitarian causes and his vice is Football and cars.

Related Posts
Facebook ads dropped malware posing as Clubhouse app for PC

Facebook ads dropped malware posing as Clubhouse app for PC

Unpatched vulnerable VPN servers hit by Cring ransomware

Unpatched vulnerable VPN servers hit by Cring ransomware

Fake Netflix app on Play Store caught hijacking WhatsApp sessions

Fake Netflix app on Play Store caught hijacking WhatsApp sessions

Newsletter

Get the best stories straight into your inbox!



Don’t worry, we don’t spam

Latest Posts
2 scraped LinkedIn databases with 500m and 827m records sold online
Cyber Crime

2 scraped LinkedIn databases with 500m and 827m records sold online

Facebook ads dropped malware posing as Clubhouse app for PC
News

Facebook ads dropped malware posing as Clubhouse app for PC

Hackers leak data, 600k card info from Swarmshop cybercrime forum
Cyber Crime

Hackers leak data, 600k card info from Swarmshop cybercrime forum

HACKREAD is a News Platform that centers on InfoSec, Cyber Crime, Privacy, Surveillance and Hacking News with full-scale reviews on Social Media Platforms & Technology trends. Founded in 2011, HackRead is based in the United Kingdom.

Follow us