HomeTechnologyFake Android app generates personal privacy warning

Fake Android app generates personal privacy warning


What seemed like a harmless and easy-to-use messaging service for Android users turned out to have an ulterior motive.

Taking the phone numbers of everyone who downloaded it and allowing others to “rent” them for use in an account creation service.

CLICK FOR KURT’S CYBERGUY NEWSLETTER WITH QUICK TIPS, TECH REVIEWS, SECURITY ALERTS AND SIMPLE INSTRUCTIONS TO GET SMARTER

Read on to find out what you need to know about a fake Android app and how to protect yourself against malware.
(Reuters, File)

Fortunately, thanks to an intrepid security researcher, the app was successfully shut down.

Caught ‘Read’ Hands

the Symoo App advertised itself on Google Play as “JustSms is an easy to use SMS application.”

While the shockingly poor grammar should have been a serious red flag to begin with, the app somehow managed to attract over 100,000 downloads and earn a 3.4 rating on Google Play.

Although not all the reviews were very favorable.

In fact, many users immediately noticed something was wrong, reporting that the app asked for a one-time password during installation and seemed to be hijacking their phones.

These red flags also caught the attention of Maxime Ingrao, a French security researcher currently working at the cybersecurity company. Evina.

Upon learning of the malware attached to the app, Ingrao shared exactly what Symoo did on his Twitter page.

HOW TO INCREASE THE FONT SIZE ON ANDROID

Screenshot of Maxime Ingrao sharing that Evina, a cybersecurity company, has malware attached to their app.

Screenshot of Maxime Ingrao sharing that Evina, a cybersecurity company, has malware attached to their app.
(FoxNews)

Accompanied by screenshots, Ingrao explained how Symoo read and sent all messages directly to a server specifically designed to sell “account creations,” allowing people to use phone numbers to verify they were real, and then used the phones infected by the service to authenticate. these fake accounts through messages. Ingrao went on to point out how Symoo was the #1 new SMS app in India where over 100,000 people fell victim to it.

How exactly did it work?

Ingrao went on to explain that Symoo first took people’s information by asking for the user’s phone number on the login page.

ANDROID FONT SIZE TUTORIAL

Screenshot of Maxime Ingrao, a French security researcher, explaining what the app was hiding.

Screenshot of Maxime Ingrao, a French security researcher, explaining what the app was hiding.
(FoxNews)

While the next screen made it appear to users that the app was loading, it was all a cover-up, hiding the interface of your number being sent to various subscription services.

Once the app finished loading, it would freeze, prompting users to delete the app.

However, their phone numbers had already been seized by then, and the user’s phone numbers were used to create fake accounts on numerous platforms, including Facebook and Instagram.

Ingrao then shared that he was able to trace the malware to a domain called “goomy[dot]fun”, a domain used by an application called Virtual Numbers.

HOW TO SEND SPAM CALLS DIRECTLY TO VOICEMAIL ON YOUR PHONE

Screenshot from a French researcher showing how he was able to trace the malware to a particular app.

Screenshot from a French researcher showing how he was able to trace the malware to a particular app.
(FoxNews)

The virtual numbers were created by the same developers behind Activation PW, a website that provides users with numbers from over 200 countries that they can use to create fake accounts.

According to computer beepusers could rent a number for as little as 50 cents to verify a fake account.

Fortunately, a Google spokesperson later confirmed to Bleeping Computers that both Symoo and Activation PW have been removed from Google Play and the developer has been banned.

Be careful what you download

It’s easy to get carried away and download any app that seems like something you’d enjoy.

Also, if it’s available on Google Play, it must be safe, right?

Unfortunately, as seen above, that’s not a guarantee. Insecure Rouge apps have regularly made their way to the Google Play app store before being removed long after compromising thousands of people.

Fortunately, with these common-sense tips, it’s not too difficult to discern which apps you should probably avoid.

Check the rating.

If the majority of the app’s ratings are two stars or less, and users seem to be having a hard time finding something nice to say about it, they’ll likely avoid downloading it.

THE BEST WAYS TO CHARGE YOUR PHONE BATTERY

Make sure your software is up to date.

Fortunately, some malware cannot work with the most up-to-date software, so always make sure that your devices, be it an iPhone, Android, as well as your browser, are updated fairly regularly.

Download an antivirus app.

Installing antivirus software on your devices is one of the surest ways to ensure that you’ll be protected from malware and phishing scams.

With its easy setup, real-time anti-malware protection, and excellent customer service, full VA it is one of the most reliable antivirus services available today. You can read my Best Antivirus reviews on the best protection for PC, Mac, Android and iOS devices by searching for ‘Best Antivirus’ on CyberGuy.com.

Never download any app from a link sent to you

The most important tip is to avoid linking from social media, text or email to download any app from a source other than the official Google Play store and Apple App Store.

If you have even the slightest doubt about the security of an app, it’s always better to go with your instincts and leave it off your phone.

CLICK HERE TO DOWNLOAD THE FOX NEWS APP

Copyright 2023 CyberGuy.com. All rights reserved. Articles and content on CyberGuy.com may contain affiliate links that earn a commission when purchases are made.





Source link

RELATED ARTICLES
- Advertisment -

Most Popular