Skip to main content
  1. Home
  2. Mobile
  3. News

The Google Play store hosted malware meant to steal from North Korean defectors

Lulu Chang
By

McAfee researchers have discovered that hackers with links to the North Korean regime managed to make Google complicit in stealing information from defectors from the nation. As per a recently published blog post, the Google Play store has apparently been playing host to at least three apps designed to collect data from specific individuals. Two of these apps were posing as security apps, while the third claimed to provide food ingredient information. But what they really did was steal information from devices and receive certain code that allowed them to further access data like photos, contact lists, and even text messages.

In most instances, McAfee found the apps were generally sent to select users, generally by contacting them via Facebook. By the time McAfee privately notified Google as to the existence of these apps, 100 folks had already downloaded them, and the apps had been live in the Google Play store for three months — from January to March. Alas, this highlights the shortcomings of Google’s filters that are intended to keep out malware.

Recommended Videos

The alleged actor behind these apps doesn’t appear to be a new player in the hacking scene. Back in January, McAfee noted that it had found malicious apps intended to infect North Korean journalists and defectors’ devices. The group behind these apps was subsequently named Sun Team, and is apparently the same group behind these latest apps.

Related

At the very least, the apps were all linked to the same developer email address. Moreover, McAfee found that the words used in the control servers were common in North Korea, but not South Korea. There was also a North Korean IP address discovered in a test log file of some Android devices connected to account used to send out the malware. This has led researchers to believe that the attacks are based in the isolated nation.

“These features are strong evidence that the actors behind these campaigns are not native South Koreans but are familiar with the culture and language,” McAfee researchers wrote. “These elements are suggestive, though not a confirmation, of the nationality of the actors behind these malware campaigns.”

Editors' Recommendations

Topics
Lulu Chang
Lulu Chang
Former Digital Trends Contributor
Fascinated by the effects of technology on human interaction, Lulu believes that if her parents can use your new app…
Google just banned call-recording apps from the Play Store
google-pixel-3a-xl-phone-call

Google will soon ban third-party call-recording apps from the Play Store. First highlighted by a developer of an affected app, Google made the announcement in a Google Play policy update that becomes effective on May 11. Once in force, developers who want to submit apps to the Play Store will no longer be able to use the Android Accessibility API to record calls, killing the utility of call-recording apps on Android.

Google hasn't allowed third-party call recording on Android officially for years now. It's no surprise as call recording is a legal minefield, with different countries and even states having their own rules. If you're using a first-party phone app, you'll notice that this feature appears or disappears depending on where your phone thinks you are, and third-party recording apps hacking onto the company Accessibility API were one way to get around this.

Read more
Google ditches Play Movies app in favor of Google TV
aftermaster pro fixes tv movie audio issues man on couch watches a mobile phone

The Google TV app is taking over for Play Movies & TV across all Android devices. When Google TV was introduced in late 2020, its mission to replace Play Movies & TV seemed like a good idea as the preinstalled app wasn't doing a lot to take users' attention away from other streaming apps. Google TV's addition to the Android ecosystem has been pretty gradual up to this point, but now it's set to be an essential part of the Android experience.

Play Movies & TV will be officially retired as the face of Android's streaming content store in favor of Google TV starting in May. At that point, buying content on Play Movies & TV will no longer be supported in the Play Store, Google announced earlier this week. Google TV will take Play Movies & TV's place as the preinstalled streaming app included by default on every Android device at that point.

Read more
Google Play is helping developers meet gamers where they are
Image of Google Play game running on a Windows PC.

Google Play is setting the stage for a big year of growth in mobile and cross-platform gaming, with several new initiatives to help and encourage developers to build even more exciting and engaging gaming experiences.

The increased power of modern smartphones as gaming powerhouses has allowed for the creation of more sophisticated mobile games, many of which can easily be called “console-quality.” However, this has also given rise to more demand from players to be able to enjoy these gaming experiences on a larger screen.

Read more