Hacking Team Bypassing Google's Checks Underlines Play Store's Security Problems

Advertisement
By Manish Singh | Updated: 20 July 2015 10:56 IST
In the aftermath of a mega security breach of Hacking Team, an Italian company consisting of a group of professional hackers, startling revelations continue to pour in. The latest to hit the shore is a loophole in Google Play's security checks that allowed a malicious app developed by the Hacking Team to find its way to the store. The finding once again raises the question whether Android's marquee app store is a safe marketplace for consumers.

Security firm Trend Micro has discovered an app developed by the Hacking Team that managed to circumvent Google's security checks and find its way into Google Play. The Trojan horse - which went by the name BeNews and has been pulled down since - disguised itself as a news app, and downloaded tools that triggered remote access in the background. Google pulled the app from the store before it could gain much traction, however, security experts believe that the underlying technique may have been used in other apps as well, and it is likely to be copied by other groups.

Trend Micro notes that the Hacking Team dump also contained source code in which the group is found sharing how-to-guide to help its clients get started with the same exploit. "Based on these, we believe that the Hacking Team provided the app to customers to be used as a lure to download RCSAndroid malware on a target's Android device," it notes in a blog post.

Advertisement

The security firm believes that the app was using dynamic loading technology that enabled it to bypass Google's monitoring tool. At the time of installation, for instance, the app only asked the users for access to three components of their Android device - something which Google may have deemed as safe. Furthermore, the app wouldn't load the malware script until Google's verification was over.

This isn't the first time Google has failed to prevent malicious apps from entering into the Play Store. Just this year, we have seen a number of cases where the Mountain View-based company fell short from preventing similar mishaps. Earlier this year, security firm Avast reported several malicious apps in the store that affected millions of Android users. Another security firm Symantec went a step ahead and claimed (PDF) that one in five Android apps the Google Play Store is a malware.

Advertisement

Google on its part has taken a number of steps to crack down on shady apps. Earlier this year, the company quietly introduced a new security measure to get rid off applications that wouldn't comply with its terms of service. But the startling number of reports suggest that Google's efforts on this front aren't enough.

 

Get your daily dose of tech news, reviews, and insights, in under 80 characters on Gadgets 360 Turbo. Connect with fellow tech lovers on our Forum. Follow us on X, Facebook, WhatsApp, Threads and Google News for instant updates. Catch all the action on our YouTube channel.

Advertisement

Related Stories

Popular Mobile Brands
  1. Best Water-Resistant Smartphones You Can Buy in India
  2. How to Watch the FIFA World Cup 2026 Final Live Stream in India
  1. Redmi Note 17 Pro Global Variant Reportedly Appears on NBD Database Alongside Poco Model
  2. Google Pixel 11a Codename Reportedly Spotted in Phone App
  3. Huawei Mate XT 2 Leaked Patent Reveals New Tri-Fold Design and Folding Mechanism
  4. Airtel Unlimited 5G Data Subscribers Reportedly Cannot Share 5G Data via Mobile Hotspot: Here's What We Know So Far
  5. Lenovo Legion C700 Teased as a Cloud Gaming Handheld Ahead of August Launch
  6. Marvel's Wolverine Gets New Trailer That Will Play Ahead of Christopher Nolan's The Odyssey in Select Theatres
  7. Airtel Quietly Removes Rs. 549 Individual Postpaid Plan in India; Rs. 699 Plan Becomes Next Upgrade
  8. Poco M8 Power, Poco X8 India Launch Timeline Tipped; Could Arrive as Rebranded Redmi Note 17 Series
  9. Samsung Galaxy S25 Series Could Get Galaxy S26’s Horizontal Lock Camera Feature With One UI 9 Update
  10. Asus Pad India Launch Date Announced as Company Reveals Key Specifications
Download Our Apps
Available in Hindi
© Copyright Red Pixels Ventures Limited 2026. All rights reserved.