Malicious Voice Messaging Apps Invade Google Play Store

Security firm Trend Micro has identified several apps on the Google Play store masquerading as legitimate voice messenger applications. Although a majority of the apps have been taken down, some still remain and there are indications that these threat actors will continue to upload new apps and develop additional, more sophisticated modules for them. Current module capabilities include hiding the app’s icon to avoid deletion and the opening of arbitrary, malicious URLs. The infected apps can execute automatic pop-ups of fake surveys and generate fraudulent ad clicks. The surveys collect personal user information like names, phone numbers, and addresses, and promise that users will receive gift cards in return. Google will continue to monitor and remove any fraudulent apps. The NJCCIC highly recommends running mobile security software on your device, only downloading apps from official app stores, and auditing requested app permissions prior to downloading. For additional security recommendations, visit our Android Be Sure to Secure page, and for more details about the malicious voice apps and associated indicators-of-compromise (IOCs), review the Trend Micro blog post.