In the aftermath of a mega security breach of Hacking Team
, an Italian company consisting of a group of professional hackers, startling revelations continue to pour in. The latest to hit the shore is a loophole in Google Play's security checks that allowed a malicious app developed by the Hacking Team to find its way to the store. The finding once again raises the question whether Android's marquee app store is a safe marketplace for consumers.
Security firm Trend Micro has discovered an app developed by the Hacking Team that managed to circumvent Google's security checks and find its way into Google Play. The Trojan horse - which went by the name BeNews and has been pulled down since - disguised itself as a news app, and downloaded tools that triggered remote access in the background. Google pulled the app from the store before it could gain much traction, however, security experts believe that the underlying technique may have been used in other apps as well, and it is likely to be copied by other groups.
Trend Micro notes that the Hacking Team dump also contained source code in which the group is found sharing how-to-guide to help its clients get started with the same exploit. "Based on these, we believe that the Hacking Team provided the app to customers to be used as a lure to download RCSAndroid malware on a target's Android device," it notes in a blog post.
The security firm believes that the app was using dynamic loading technology that enabled it to bypass Google's monitoring tool. At the time of installation, for instance, the app only asked the users for access to three components of their Android device - something which Google may have deemed as safe. Furthermore, the app wouldn't load the malware script until Google's verification was over.
This isn't the first time Google has failed to prevent malicious apps from entering into the Play Store. Just this year, we have seen a number of cases where the Mountain View-based company fell short from preventing similar mishaps. Earlier this year, security firm Avast reported several malicious apps in the store that affected millions of Android users. Another security firm Symantec went a step ahead and claimed (PDF) that one in five Android apps the Google Play Store is a malware.
Google on its part has taken a number of steps to crack down on shady apps. Earlier this year, the company quietly introduced a new security measure to get rid off applications that wouldn't comply with its terms of service. But the startling number of reports suggest that Google's efforts on this front aren't enough.