Spyware in Font Apps on Google Play

Tuesday, May 14, 2013 @ 06:05 PM gHale


Use at your own risk: Downloading apps from Google Play is not as safe as it should be. Yes, it is getting more secure, but still, there are moments.

There are now two apps that install additional fonts on an Android device, but also offer a way in for spyware, said Webroot researchers.

RELATED STORIES
Android Malware Trending Up Again
Android Virus Scanners Easy to Trick
Spam Not as Visible, but More Severe
Android Trojan Spreads through Botnet

The apps in question, Free Galaxy Classic Fonts and Galaxy Fonts, have since gone off Google Play, but they are still on their developer’s official website.

Once the user downloads and runs one of the apps, and requests it to download and implement a new font, the app downloads the ikno.apk file — a spying app that forwards SMS, call logs, and location information to a web portal where the person doing the spying can review the information.

The official developer’s site apparently offers users to download iKno from the Android Market, but the users actually download it from the site.



Leave a Reply

You must be logged in to post a comment.