Contacts-slurping Android malware sneaked onto Google Play store – twice

Contacts-slurping Android malware sneaked onto Google Play store – twice

Could a simple automated scan have picked up open-source nasty? Hmm


Android spyware – open-source spyware, no less – has found its way onto the Google Play store, according to researchers from ESET.


The nefarious software masqueraded as a fully functional internet radio app targeted at the Balouch people of Pakistan, Afghanistan and Iran, the Slovakian threat intel outfit said.


As well as relaying genuine Balouchi music, the malicious radio app also incorporated the AhMyth open-source remote-access trojan. It can be found on Github, of all places.


"The malicious functionality in AhMyth is not hidden, protected, or obfuscated. For this reason, it is trivial to identify the Radio Balouch app – and other derivatives – as malicious and classify them as belonging to the AhMyth family," opined Lukáš Štefanko, the ESET researcher who took a clos ..