The Google Play Store is one of the “tech heavens” for apps. People visit the store to get the latest and the greatest in app development. The Apple Store may be on top of tech heaven charts, but the Google Play Store is sitting right next to them. When Google researchers found an app in the store that could listen and steal communications from tech devices, the researchers went to work. They put the hurt on the app and got it out of the store.
The malware app, Lipizzan, has a code from the Israeli company, Equus Technologies. Equus Technologies offers solutions to intelligence agencies, law enforcement, and national security organizations. The app Google researchers found is multi-stage spyware, according to Ken Bodzak and Neel Mehta of Google’s Threat Analysis Group, and Megan Ruthven of Android Security. According to those security experts, Lipizzan can hijack a person’s email, text messages, location, local media information and voice calls. The app can also take screenshots of a person’s device, and then hijack the camera, so the people behind the spyware can take pictures and record videos.
When Lipizzan is active, it has the ability to steal data from LinkedIn, Snapchat, Google Hangouts, Skype, Facebook Messenger, and other popular message platforms like Viber, WhatsApp, and Telegram, the encrypted communications app. When someone installs an infected app, the app will download a “license verification.” That verification examines the user’s device. If the device meets certain requirements a second stage of the app kicks in, and a connection to the Control and Command server comes next.
According to Google, less than 100 people have the app on their devices. That means the infection rate is low, and Google plans to keep it low. The app was hiding in the Google Play Store using names like “Cleaner” and “Backup.” Another wave of apps hit the store as alarm manager, notepad and sound recorder apps. Google has an app, the Google Play Protect app, that helps people recognize malware like Lipizzan before serious damage occurs.
Malware hiding in the Google Play Store is not uncommon. At the beginning of 2017, a malware scheme did some serious damage. Forty million phones got a nasty bug from the Google store, so Google is making an “all in” effort to identify and block these rogue apps. These apps have the potential to make people miserable in more ways than one. Malware is part of the tech world, but it doesn’t have to be part of everyone’s world, according to Google researchers.