Previously Known Open-Source Android Spyware Makes Its Debut On Google Play

date

26-Aug-2019

ESET researchers have discovered the first known instances of spyware based on the open-source espionage tool called AhMyth. This particular spyware was posing as an internet radio app playing very specific Balochi music; however, the spying capabilities may be easily attached to any other app. AhMyth, from which the internet radio app borrowed its malicious functionality, was made publicly available in late 2017. Since then, various malicious apps based on AhMyth have appeared. However, the above-mentioned app, named Radio Balouch, is the very first of them to make it onto the official Android app store, Google Play.

ESET Mobile Security for Android has protected against AhMyth and its derivatives since January 2017, even before AhMyth went public. “The malicious functionality in AhMyth is not hidden, protected, or obfuscated. For this reason, it is trivial to identify the Radio Balouch app – and other derivatives – as malicious and classify them as belonging to the AhMyth family,” comments Lukáš Štefanko, malware researcher at ESET who conducted the investigation.

After ESET reported the discovery to Google, its security team removed the malicious Radio Balouch app from the store. The attackers, however, were quick to make the app reappear on Google Play. “We also detected and reported the second instance of this malware, which was then swiftly removed. However, the fact that the same developer was able to post this evident malware to the store repeatedly is disturbing,” says Lukáš Štefanko.

Radio Balouch, detected by ESET as Android/Spy.Agent.AOX, has been promoted on a dedicated website, Instagram, and YouTube. After having been removed from Google Play, it is now only available on alternative app stores. This app is a fully functional Internet radio application for music specific to the Balochi region. In the background, however, it spies on its users: it can steal contacts and harvest files stored on the affected device. “The open-source AhMyth espionage tool has a number of variants whose functionalities vary. The Radio Balouch app – and any other AhMyth-based malware, may receive further functions in the future,” warns Štefanko.
According to ESET researchers, the repeated appearance of the malicious Radio Balouch app on the Google Play store should serve as a wake-up call to both the Google security team and Android users. “Unless Google improves its safeguarding capabilities, a new clone of Radio Balouch or any other derivative of AhMyth could again appear on Google Play,” comments Lukáš Štefanko. “The key security imperative - to stick with official sources of apps- still holds; however, that alone can’t guarantee security. We highly recommend users scrutinize every app they intend to install on their device and use a reputable mobile security solution,” concludes ESET’s Štefanko.

About ESET
For 30 years, ESET® has been developing industry-leading IT security software and services for businesses and consumers worldwide. With solutions ranging from endpoint and mobile security to encryption and two-factor authentication, ESET’s high-performing, easy-to-use products give consumers and businesses the peace of mind to enjoy the full potential of their technology. ESET unobtrusively protects and monitors 24/7, updating defenses in real time to keep users safe and businesses running without interruption. Evolving threats require an evolving IT security company. Backed by R&D centers worldwide, ESET has become the first IT security company to earn 100 Virus Bulletin VB100 awards, identifying every single “in-the-wild” malware without interruption since 2003.
 

Latest Press Releases

Tanveer Ahmed, elaborates on how acting helps you to manage stress and provides full control over your ...

..

14-Oct-2019

Attendees get practical tips and free medical advice to help them manage careers and lifestyles despite ...

..

14-Oct-2019

EXPECT A SPIRITUALLY ELEVATED MUSIC EXPERIENCE

..

09-Oct-2019

An innovative fuel service from ENOC – delivering fuel at the doorstep of businesses and fleets

..

08-Oct-2019

Award-winning author led a reading and book-signing activity

..

15-Oct-2019


Most Viewed Recent Press Releases

Vistara, India’s finest full-service carrier and a JV of Tata and Singapore Airlines, yesterday inaugurated ...

[3285 views]

Contentious Subject of Very Low Carb Diets was Chosen as the Topic for Debate at Imperial College London ...

[3174 views]

Shaza Hotels has announced the opening of the highly anticipated Al Badayer Oasis – Sharjah Collection ...

[3018 views]

Sime Darby Oils (SDO) and Dr. B.R. Shetty owned Abu Dhabi Vegetable Oil Company (ADVOC), are pleased ...

[2853 views]

As part of Dubai Judicial Institute’s (DJI) efforts to support the Dubai Strategy for the People of ...

[2814 views]

Moorfields endorses taking precautions to get the most out of the season while decreasing any risk

[2736 views]


Related Links_


Google ADS

Other Info_

..

Health Care

Multi Specialty medical facilities, government hospitals & private clinics

..

Education

Nurseries, Kindergardens, Schools, Colleges, Universities & Higher Education

..

Popular Restaurants

Dining in Dubai - selection of restaurants where you can relax & enjoy a variety of cuisines of choice

Jobs at Dubai_

Find latest Dubai Jobs & Vacancies from placement agencies, employers & recruitment consultants in Dubai, Abu Dhabi & other Emirates in UAE.

Dubai Tours & Packages_

Book quality Dubai tours, best Dubai holiday packages with visas & Dubai hotel booking with special offers & discounts

Warnning

Unsupported Browser

This website includes CSS elements that your browser does not support. Please upgrade your browser to a current version, then come back and try again.

Upgrade your Browser for more experience

Chrome Firefox Safari Edge