
Hacking Team’s evil Android app had code to bypass Google Play screening

  • July 17, 2015

Jasper_The_Rasper
Moderator

Full backdoor code wasn't installed until after user activated app.

by Sean Gallagher (US) - Jul 17, 2015
 
Security researchers at Trend Micro's Trend Labs have uncovered a trick in a sample of a fake news application for Android created by the network exploitation tool provider Hacking Team that may have allowed the company's customers to sneak spyware through the Google Play store's code review. While the application in question may have only been downloaded fewer than 50 times from Google Play, the technique may have been used in other Android apps developed for Hacking Team customers—and may now be copied by others trying to get malware onto Android devices.
 

1 reply

By Mark Wilson
 
Italian security and surveillance company Hacking Team was most famed for supplying monitoring tools to governments around the world, but a recent security breach revealed the inner workings of the outfit. Sifting through the leaked data revealed not only spying tools and Flash vulnerabilities, but also Android apps with backdoors.
Security experts from Trend Micro found that spyware from Hacking Team was released to Google Play, bypassing checks that are usually performed. BeNews was a fake news app -- now removed from the store -- that could be used to download remote access software to Android devices running anything from Froyo to KitKat.
Trend Micro reports that the app was designed with the express intention of circumventing Google's malware filtering and checking. The app was even downloaded a few times before removal on July 7. The malicious app exploits a vulnerability to escalate local privileges to install malware and remote access tools. The way the app makes it into Google Play is rather sneaky.
 