DEV Community

Discussion on: This huge Android trojan malware campaign was discovered after the gang behind it made basic security mistakes

Collapse
 
exadra37 profile image
Paulo Renato

Not really, it's explicit in the article quote that these are taken from Google Play,

You are correct here... I may missed it because I was in the rush to catch the bus back home.

But be aware that they can be also published back to the Google Play store, and this is more common then Android users may think, but people that work in infosec are well aware of this.

Thanks for letting me know. I will update my article.

Collapse
 
zeslova profile image
Simon Newby • Edited

Of course, no app store is perfect, unfortunately. I do think Google does a decent job of directing people to legitimate actors when it comes to services such as this, in my own anecdotal experience.

Thread Thread
 
exadra37 profile image
Paulo Renato

Well I am not really trying to blame only the Google Play store for this, but just trying to start a discussion around it to make people more aware of the problem.

Do you want to share with us your anecdotal experience?

Thread Thread
 
zeslova profile image
Simon Newby

Nothing really special or unusual as far as I know, but when I sought to download relevant banking applications or enterprise authentication, Play store usually jumps the correct app to the top of the list and disqualifies even searching for other apps without my manual choice to navigate away from the desired result.