News
Google Removes Play Store Apps—What You Need to Know
Are Your Apps Spying on You? Google’s Latest Crackdown Reveals the Hidden Threat
Google has once again taken action to enhance security on the Play Store by removing several malicious applications that posed significant threats to Android users. The company continues to battle rising cybersecurity risks, particularly as hackers develop more sophisticated attack methods.
Key Actions Taken by Google:
Deleted 180 apps with a combined 56 million downloads due to an ad fraud scheme.
Removed Trojan-infected apps linked to the dangerous Anatsa/Teabot malware.
Shut down fake Play Store pages used to trick users into downloading harmful software.
Eliminated apps carrying the newly discovered KoSpy spyware.
What Is KoSpy Malware?
Security researchers at Lookout have attributed the KoSpy spyware to the North Korean hacking group APT37 (ScarCruft). This advanced malware is designed to steal sensitive data, including:
✔ SMS messages and call logs
✔ Device location
✔ Files and folders
✔ Audio recordings and photos
✔ Screenshots and screen activity
✔ Keystrokes through accessibility services
✔ WiFi network details
✔ Installed application lists
Investigations reveal that KoSpy is part of a larger cyber espionage operation, with ties to another North Korean hacking group, APT43 (Kimsuky). The spyware, which has been active since at least early 2022, primarily spreads through fake utility apps such as:
File Manager
Software Update Utility
Kakao Security
휴대폰 관리자 (Phone Manager)
스마트 관리자 (Smart Manager)
How to Protect Your Device
Although Google has removed these malicious apps from the Play Store, they may still be available on third-party websites. Users should immediately delete any of the listed apps if installed.
Additionally, Google advises users to:
* Enable Play Protect for real-time security monitoring.
* Avoid sideloading apps from untrusted sources.
* Verify app legitimacy before downloading.
Google confirmed that the latest KoSpy-infected app, discovered in March 2024, was taken down before any installations occurred. Play Protect continues to shield users from known malware threats, even when apps come from sources outside the Play Store.
As Google introduces a new temporary pause feature for Play Protect to allow sideloading, security experts urge Android users to remain vigilant and only install apps from verified sources.
For Diaspora Digital Media Updates click on Whatsapp, or Telegram. For eyewitness accounts/ reports/ articles, write to: citizenreports@diasporadigitalmedia.com. Follow us on X (Fomerly Twitter) or Facebook