Seeing news on other security blogs, on apps reportedly collecting data from users without their knowledge: Today, Google has removed over 500 Android Apps from its Play Store for related concerns.
Origination of the Spyware
Lgexin which is a software development kit(SDK) designed for developers to generate revenue by advertising on their apps, is the remote cause of this risk. The SDK does that by collecting user data to help target advertisement based on interests and browsing habits.
Lgexin’s control server was therefore compromised by attackers and used to deliver malware to those devices. The attackers can then monitor and steal user data for their own benefits.
The Spyware was first spotted by Lookout, a mobile security firm, of which they found traces of malicious spying on extremely popular apps and services.
“While not all of these applications have been confirmed to download the malicious spying capability, Igexin could have introduced that functionality at their convenience,”
-Lookout security engineers Adam Bauer and Christoph Hebeisen said in their report.
Lookout also asserted, users of its mobile antivirus software were safe from attacks, but others may not have been so lucky.
image source: Lookout