CATEGORIES
home News

Google Deletes SMSVova Android Spyware That Targeted Millions On Play Store For 3 Years

by Rob WilliamsFriday, April 21, 2017, 01:41 PM EDT

Despite Google's best efforts to protect its users who download apps from its Play Store, some malware inevitably slips through the cracks. While it might be easy to assume that most of that malware is found in obscure software that people shouldn't be downloading anyway, this latest case is proof that if malware does manage to get through, it could impact millions of people.

Research firm Zscaler, and its threat-hunting team ThreatLabz, recently discovered an app on the Play Store that included the Android spyware SMSVova. Looking at the image below, it's hard to imagine why anyone would fall for such an app. Yet, millions of people downloaded this tool which promised to update their device.

System Update Android Spyware

Simply called "System Update", the app seemed really popular to those with older phones which no longer receive updates. From that perspective, it's easier to understand why some would try their luck. Not everyone knows that post-support updates will have to come by way of rooting - a simple app download isn't going to accomplish much.

SMSVova, as its name suggests, impacts the SMS system, and seemingly nothing else. Its purpose is to fetch the user's geolocation, which could lead to a number of malicious scenarios.

SMSVova

Once the System Update app is installed, it fails to run from the get-go, and then hides itself. In actuality, its crash means nothing: the spyware gets installed immediately. From that point on, the attacker can send a simple SMS message ("get faq") to the affected user, and is then able to run certain simple commands, including protecting the spyware with a password.

It's not entirely clear what the purpose of this spyware is, but it's beyond creepy. Anyone who's installed the System Update app should consider wiping their entire phone and starting fresh, because it'd likely have to be rooted, and the steps to get rid of it would enter power user territory. Further, always use extreme discretion when downloading apps from developers you've never heard of. This incident is proof of just how possible it still is to get malware onto the Play Store.

Tags:  Android, Malware, Google, Spyware, (nasdaq: goog)
TOP CONVERSATIONS
Your Next PC Platform?
More Results
KEEP INFORMED
SITE

Home

Reviews

News

Blogs

Full Site

Sitemap

CATEGORIES

PC Components

Systems

Mobile

IT Infrastructure

Leisure

Videos

COMPANY

About

Advertise

News Tips

Contact

Privacy And Terms

HotTech

MORE

Accessibility

Shop

STAY CONNECTED

Twitter

Facebook

YouTube

RSS

As an Amazon and Howl Technologies Associate, HotHardware earns a commission from qualifying purchases made on this site. This site is intended for informational and entertainment purposes only. The contents are the views and opinion of the author and/or his associates. All products and trademarks are the property of their respective owners. Reproduction in whole or in part, in any form or medium, without express written permission of Hot Hardware, Inc. is prohibited. All content and graphical elements are Copyright © 1999 - 2024 David Altavilla and Hot Hardware, Inc.
All rights reserved. Privacy and Terms - Accessibility Commitment