Password Stealing Apps On The Play Store
To quote the great Scooby Doo,
The Hacker News (warning – technical language) is reporting that 85 Credential Stealing apps have been found on the Google Play store.
As with yesterday’s news, this one is scary, and the numbers are huge.
It’s time for some self inspection. How are you using the App Store? If you download every program you see, regardless of rating, developer reputation, etc, then maybe it’s time to change your ways.
If you are an indiscriminate downloader, or if you live with an indiscriminate downloader, then you may want to do some deleting.
Note: It looks like many of these are targeting users of Russian websites… but just because you may not live in Russia doesn’t mean you’re off the hook.
Oh, and Apple user? Don’t be so smug. This story is about the Play Store, but the App Store has its own issues, despite Apple’s tight controls.
What now? As always, we don’t want to report without at least giving a few tips. Here you go:
- Do an audit of your Android apps, and your family’s Android apps. Ask yourself if the apps you use are a) useful, b) needed, c) well designed, d) using too many app permissions
- If you see any apps you’re not using, shouldn’t be using, never should have downloaded, etc, then delete
- If you’re really worried, back up your contacts and emails to a reputable service like Google, and then rebuild your phone. Doesn’t take long. I don’t recommend this as a viable option every time, but for those days when the nuclear option seems like the only option, then this is a good way to start fresh
If you have questions, concerns, or just need more info, hit us up in the comments. Stay safe, and don’t be download crazy.