Google has removed a malicious app from its Play store that disguised itself as a popular program.
The rogue software spoofed BatteryBot Pro, a legitimate app which monitors how much power a smartphone is using.
The fake app was able to send premium-rate text messages and blocked people from deleting it, said security company Zscaler on its blog.
One security expert said people might have to contact their mobile provider if they had downloaded the rogue app.
“Malicious apps in the Google Play store are nothing new,” said Rik Ferguson, vice-president of security research at Trend Micro.
“Android is the most widely installed mobile operating system so it’s an attractive user base for attackers.
“But undeletable apps like this exploit consumers who store their personal lives on a smartphone. We’re reluctant to wipe our handset in case we lose something.”
The real BatteryBot Pro is an app for Android smartphones that shows a user detailed information about their smartphone’s battery life.
Like many apps, when installed it asks for permission to access the functions of a smartphone it needs to run.
The fake version of the app requested access to features far beyond the scope of a battery monitor, including the ability to send text messages, install other apps and track a user’s location.
It also requested administrator privileges on the smartphone, to prevent people from deleting it, even after Google had pulled it from the Play store.
“I would recommend visiting your mobile provider as a first port of call,” said Mr Ferguson.
“This app targets people who are not confident with technology, so I’d recommend seeking help in the High Street stores.”
Zscaler said the rogue app was probably designed to commit “click fraud”: tricking online adverts into thinking a genuine user was interacting with them, to earn money for the attacker as part of a revenue-sharing agreement.
How to keep your smartphone safe
Security expert Rik Ferguson has this advice:
- Always check the publisher of an app is who you expect it to be. A quick internet search should reveal if there’s a problem
- Check which permissions the app requests when you install it. If an app asks for more than you want to share, don’t install it
- Delete apps you no longer use. Attackers can get into your smartphone through poorly written apps, so the more you have the greater the risk
- If you think you’ve installed a rogue app contact your phone’s service provider
One criticism of the Android operating system is that it only offers users “binary choices” over security – to either allow an app all requested permissions, or none at all.
“You can’t tell the phone, ‘I trust Google and Amazon, but nobody else’,” said Mr Ferguson. “It’s all or nothing.”
Google confirmed the next version of its mobile operating system, dubbed Android M, would give users more control over the permissions apps sought.
The fake BatteryBot Pro was removed from Google Play when the company was made aware of what had happened.
Google said it did not comment on specific apps, but said it had clear policies for developers.
“We remove apps from Google Play that violate those policies,” it said.