back to article Contacts-slurping Android malware sneaked onto Google Play store – twice

Android spyware – open-source spyware, no less – has found its way onto the Google Play store, according to researchers from ESET. The nefarious software masqueraded as a fully functional internet radio app targeted at the Balouch people of Pakistan, Afghanistan and Iran, the Slovakian threat intel outfit said. As well as …

  1. JohnFen

    How it looks to me

    It looks to me like the vast majority of apps in the Play Store are just spyware anyway. Pick any random app and the odds are very high that it is engaging in telemetry and/or the collection of some sort of user data such as location, how you use the device, etc.

    1. Anonymous Coward
      Anonymous Coward

      Re: How it looks to me

      I’m really surprised Google aren’t trying harder to crack down on this type of behaviour. Isn’t their entire business model based on selling this data themselves? Or are they worried about some kind of antitrust issue?

      1. doublelayer Silver badge

        Re: How it looks to me

        It doesn't hurt all that much if other people get slices of the data. Many of them are showing Google ads anyway, and most of the other data collection isn't for ad competition but for spyware purposes. Why should Google care about that?

        Also, implementing real checks that catch copied malware code that hasn't been hidden in any way would take, like, a month for a few Google Play engineers. They could be working on something else. Something more useful like ... Android security updates and getting those running on more devices? No, not those. These are cloud engineers after all. How about ... malicious extension detection for Chrome? No, not that either. They're not focused on that type of code. Another idea ... thinking ... thinking ... got it! They could work on preventing ad blockers from working. Sound good to everyone? Well, we've identified the best use of developer time. Go back and get that implemented guys.

    2. Anonymous Coward
      Anonymous Coward

      Re: How it looks to me

      Especially the 'games' you can find on there. Vinny Vinesauce put it best during one of his "Android Trash" segments: "Why does Talking Horse need access to my contacts?!"

      1. Halfmad

        Re: How it looks to me

        Yeah the permissions especially are simply far too relaxed on the Android store, it should always be the minimum required.

        Then again on IOS it's not much better. I have bought an app but because I don't allow it to collect telemetry data it simply keeps putting a banner across the top saying we aren't "supporting them". I mean WTF? I literally bought the app you *****.

      2. Robert Carnegie Silver badge

        "Why does Talking Horse need access to my contacts?!" wants to talk to them?

        One way to find out... but don't do it.

  2. redpawn

    Reveals the Goo in Google

    They have an unsafe store and your phone's maker won't update the OS. It's clear Google only cares about obtaining your data and doesn't much mind others doing the same.

  3. Chris G

    Makes you wonder who is benefitting from these apps.

    I would guess at more than ninety percent of all the apps on playstore want more permissions and access than they need to function.

    Playstore is basically one big slurpathon.

  4. Cavehomme_

    Time they "woke" up!

    We need to stop this crap situation once and for all...not just this specific instance but across the whole industry.

    We need "security by design", not by inconvenience, can't be arsed, I'm too busy climbing the corporate ladder, etc, etc...

    IT companies need to be sued, fined even imprisoned for their failures.....that'll very quickly make their Millenial employees and managers and directors "woke" to reality, ffs.

    1. Charles 9

      Re: Time they "woke" up!

      Nah, they'll either lawyer their way out of them, move out of judicial reach, or at the extreme, lobby to change the government under threat of taking their taxes elsewhere.

      1. sabroni Silver badge

        Re: Time they "woke" up!

        This kind of divisive, bigotted nonsense is everywhere on the web these days. I'd hoped elReg's clientelle were a little bit more grown up than to think the world is broken into "them" and "us" with "them" the baddies and "us" the goodies.

        Businesses everywhere cut corners whether they are forced to for financial reasons or because they think it's a good way to make lots of money. When the people in the business were born has no relation to this, it's been going on since business started.

      2. John Brown (no body) Silver badge

        Re: Time they "woke" up!

        "under threat of taking their taxes elsewhere."

        What taxes?

        1. Charles 9

          Re: Time they "woke" up!

          A phrase comes to mind: Better 10% of something than 100% of nothing.

  5. Anonymous Coward
    Anonymous Coward


    You mean that Google's Play Protect that is installed on every single Android device didn't flag this RAT even though it's SHA sum is already well known to Google owned VirusTotal?

    I'm shocked!


  6. Suburban Inmate
    Big Brother

    This happened to me!

    I tried out an app, briefly, with newly minted credentials (email, etc) on my personal 'droid. It wanted permission for contacts, but I specifically told it in the app I did not want it to use them to search for other users.

    Who did it suggest as fellow users? Why, only a bunch of folk lifted from my phone numbers, and others linked to them!

    It was called "Face Book" I think.

  7. Anonymous Coward
    Anonymous Coward


    Pestilence and malware has long been foretold in the great book of tech revelations. Breaking news: Google has officially confirmed its status as "evil" by stamping a number on the ancient Android's forehead.

  8. Anonymous Coward

    Why all this effort...

    ... to target a specific, small ethnic group?

    1. Twanky

      Re: Why all this effort...

      "... to target a specific, small ethnic group?"


      The next question is to who hates the apparent target group so much? And why? And what are they going to do with the information gathered?

      After that we can start asking why do people put up with this sort of shit?

      And then, why do most people expect their pocket computer to be secure? Secure enough to put all their personal details on it? And use it for personal finance? The short answer to that can only be: brainwashing.

      1. JohnFen

        Re: Why all this effort...

        It's more likely to be laziness than brainwashing, I think. Most people these days seem to value "convenience" over all other considerations.

      2. John Brown (no body) Silver badge

        Re: Why all this effort...

        "And use it for personal finance?"

        People do that? The closest I get to that is using it as <gasp!> a phone and dialling my banks phone banking service to check balance or confirm a payment or deposit went through. I suppose that means Google and maybe others know which bank I use from the number dialled. But then they don't know my real name from the information on the phone. (They might, potentially, have identified me by scraping my phone book and linking that with other data around the web and the people in my phone book)

  9. Anonymous Coward
    Anonymous Coward

    Contacts-slurping ... Google Play store

    "Contacts-slurping Android malware sneaked onto Google Play store"

    What about Playstore itself... why would it insist on access to 'Contacts'?

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Other stories you might like