Malware hidden inside Simple Call Recorder app tricks user in downloading and installing an additional app.
The app was published by FreshApps Group, the main purpose of the app is to download and install the app that mimics as Flash player update.
Once the app launched it decrypts the additional binary file carried in assets and dynamically loads it, Stefanko said. The app carries both the call recording functionality and the malicious script that downloads an additional app.
Stefanko said that “I could not retrieve the app through the link that is hard-coded into the APK. It is likely that the app has already been removed from the server after being available for download for over 11 months, but the server is still live.”
He also found two other call recording apps on play store with the same functionality, but they didn’t contain malicious code. Seems the attacker uploaded these apps to use as an alternative source.
Common Tips to Catch Fake Android App
Look at the publish date. A fake app will have a recent published date.
Do a little research about the developer of the app you plan to install.
Very important – read all app permissions carefully.
Common Defences On Mobile Threats
Give careful consideration to the permission asked for by applications.
Download applications from trusted sources.
Stay up with the latest version.
Encrypt your devices.