Search GSSD

Researchers Find Google Play Store Apps Were Actually Government Malware

Several security firms have looked into a collection of Android apps that passed Google’s malware detection and stayed on the Google Play Store long enough to affect as many as 1000 users, all in Italy. These apps masqueraded as normal Android apps that gave promotions or gave battery diagnostics, but instead of doing the advertised function, they install spyware on the device and relay information to command & control servers. Some of the information that the spyware could access include: phone calls, text messages, and geolocation. Investigation by security researchers point to the Italian company eSurv as the perpetrator of this malware. This company is thought to have made these apps for the Italian government to perform surveillance on persons of interest. In fact, a document detailing the spending of the Italian governments shows that it paid eSurv over 300,000 euros to develop a “passive and active interception system.” Even though this is very unpleasant behavior, it is not necessarily illegal. According to many European countries, using spyware with the authorization of the law is legal, but eSurv may not be following all expectations of legal spyware. For example, they don’t target users correctly. The security report seems to indicate that although there is some selection of users based on the phone number of the phone, the apps seem to target users almost indiscriminately.
Lorenzo Franceschi-Bicchierai and Riccardo Coluccini
Motherboard, Tech. by Vice
Domains-Issue Area: 
Industry Focus: 
Internet & Cyberspace