Android Spyware News: 500 Malicious Apps Have Been Removed or Updated

By Kristinova V. Justimbaste, Christian Post Contributor

Mobile Security firm Lookout confirmed that more than 500 apps were removed from Google Play Store after discovering that the apps utilize a software development kit (SDK) called Igexin, which has the ability to exploit malicious activity.

"Igexin is somewhat unique because the app developers themselves are not creating the malicious functionality — nor are they in control or even aware of the malicious payload that may subsequently execute," a researcher from Lookout said in a statement. "Instead, the invasive activity initiates from an Igexin-controlled server."

Igexin has been used to run numerous applications. While some of the infected apps were removed, others were updated with malware-free versions. These 500 apps have collectively generated 100 million downloads. SelfieCity, which has been downloaded over 5 million times, and LuckyCash, which has over a million downloads, are a few of the apps that are no longer susceptible to malicious behavior.

Get Our Latest News for FREE

Subscribe to get daily/weekly email with the top stories (plus special offers!) from The Christian Post. Be the first to know.

The malware does not target a specific niche. Igexin-enabled apps range from weather apps to photo editors, educational content, health and fitness apps, and more.

According to the company, developers are most likely in the dark about the Igexin's capabilities, especially since the hackers behind it could easily alter it at will. And most of those who downloaded the dangerous apps are generally unaware of the potential risk that they have welcomed.

But it is important to note that Lookout also emphasized that not all versions of Igexin are harmful.

Igexin is equipped with a log exfiltration, which allows hackers to invade users' personal information and extract it.

Infected apps still pass through Google's system despite the preventive measures they make, as these apps often have various obfuscation techniques to bypass these checkpoints.

As a countermeasure of increasing malware-infected apps, Google has launched a built-in security feature named Google Play Protect, which prevents suspicious apps from the cloud level.

Was this article helpful?

Help keep The Christian Post free for everyone.

By making a recurring donation or a one-time donation of any amount, you're helping to keep CP's articles free and accessible for everyone.

$25/month$50/quarter$100/yearOne-time

We’re sorry to hear that.

Hope you’ll give us another try and check out some other articles. Return to homepage.

Most Popular

More Articles