You are here: Blog Josh Coppage Yes, Even Apps from Official App Stores Can Be Malicious

Voyage Tech Blogs

Voyage Technology has been serving the Beaver Dam area since 1999, providing IT Support such as technical helpdesk support, computer support, and consulting to small and medium-sized businesses.
Font size: +
Subscribe to this blog post
Print

Yes, Even Apps from Official App Stores Can Be Malicious

Voyage Technology Blog Security
Yes, Even Apps from Official App Stores Can Be Malicious

McAfee recently released a list of 15 applications the company identified as “predatory loan apps” available for download from the Google Play Store. While steps have been taken to remove them from the platform, we can now discuss how mobile applications can be weaponized if a user is not careful.

Let’s start by discussing the current issue of SpyLoan apps.

How Can Malicious Apps Sneak Onto the Play Store?

SpyLoan apps—much like many shopping applications and websites around this time of year—aren’t overtly malicious in the same way that other app-based threats are. These apps commonly work as malware, taking up storage space and exfiltrating data. 

SpyLoan apps operate more insidiously. Instead of installing malicious software and infecting the device, these apps operate as phishing attacks.

These apps work as financial applications, offering highly accessible loans that result in debt and invasions of a user’s privacy. These behaviors are also malicious, but SpyLoan apps can slip past the app store’s checks using social engineering instead of coded threats. As a result, they appear on Google Play and take advantage of the platform’s inherent trust. This trend has been observed (and has grown) since 2023.

This Makes It Crucial to Only Install Trusted Apps

It just goes to show that threats can even slip past the protections that Google has defending its platforms.

This makes it critical to be extremely selective regarding the applications you install, only using trusted sources and installing well-known and reputable software titles—specifically, the legitimate versions.

Warning Signs of Malware on Mobile Devices

There are a few indications to keep an eye out for that your device may be infected.

On the Device Itself:

  • Slower operation
  • Virus alerts
  • Missing storage space
  • Inoperable antivirus software
  • An inoperable device

In the Device’s Browser:

  • Invasive pop-up ads and tabs
  • Your browser redirects to other pages or ads
  • Your homepage or default search change without your permission
  • Virus alerts
  • Unwanted installs

Mobile Apps Can Be Used Offensively in Many Ways

Historically, attackers have used mobile applications in various ways to deliver attacks to mobile devices. From putting up apps and pushing malicious code in an update to phishing, as we see here, you must exercise some judgment before installing any application.

Tweet
Tags:
Mobile Device Security Software

Sign Up For Our Newsletter!

Blog Categories

Mobile? Grab this Article!

Qr Code

Tag Cloud

Security Technology Tip of the Week Best Practices Data Business Computing Business Productivity Software Innovation Cloud Hackers Hardware Network Security Efficiency User Tips Internet Malware IT Support Privacy Google Phishing Email Workplace Tips Computer IT Services Collaboration Hosted Solutions Users Workplace Strategy Ransomware Microsoft Mobile Device Small Business Passwords Backup Quick Tips Productivity Saving Money Communication Cybersecurity Data Backup Managed Service Smartphone Android Upgrade VoIP AI Business Management Smartphones Data Recovery communications Mobile Devices Disaster Recovery Windows Social Media Browser Microsoft Office Managed IT Services Current Events Network Internet of Things Remote Tech Term Information Automation Facebook Artificial Intelligence Training Covid-19 Miscellaneous Gadgets Cloud Computing Holiday Server Managed Service Provider Remote Work Outsourced IT Compliance Encryption Employee/Employer Relationship IT Support Spam Windows 10 Office Business Continuity Data Management Government Business Technology Windows 10 Wi-Fi Virtualization Blockchain Bandwidth Vendor Mobile Office Data Security Two-factor Authentication Apps Apple Tip of the week App Mobile Device Management Gmail Networking Managed Services BYOD Voice over Internet Protocol Employer-Employee Relationship Chrome Budget HIPAA Hacker Access Control Applications Avoiding Downtime Marketing Computing Conferencing How To Information Technology BDR WiFi Office 365 Storage Password Computers Router Health Bring Your Own Device Website 2FA Retail Help Desk Operating System Managed IT Services Risk Management Big Data Analytics Office Tips Augmented Reality Healthcare Virtual Private Network Customer Service Printer Paperless Office Free Resource Project Management Infrastructure Windows 7 Windows 11 Microsoft 365 Document Management Solutions Going Green Monitoring Excel Firewall Scam Cybercrime Data loss Telephone The Internet of Things Patch Management Save Money Remote Monitoring Social Cooperation Vulnerability End of Support Vendor Management Remote Workers Physical Security Display Computer Repair Vulnerabilities Hacking Sports Mouse Presentation Images 101 Administration Modem Wireless Technology User Tip Multi-Factor Authentication Processor Mobility Mobile Security Machine Learning Supply Chain Word Smart Technology Settings Employees Maintenance Wireless Antivirus Integration Printing Content Filtering Saving Time YouTube Managed IT Service Holidays Safety Cryptocurrency Downloads Data Storage Licensing Video Conferencing Data Privacy Robot Virtual Desktop Entertainment LiFi Managed Services Provider Data storage Virtual Machines Professional Services Outlook IT Management VPN Meetings Money Telephone System Humor Customer Relationship Management Cost Management iPhone Cyber security Workplace Strategies Directions Tech Deep Learning Assessment Permissions Telework CES Network Management Communitications Tech Support Meta Education Specifications Supply Chain Management Amazon Monitors Microchip Term User Internet Exlporer Fraud FinTech IT Assessment Websites Outsource IT Mobile Computing Username Search Black Friday Flexibility Environment Value Media IP Address Electronic Medical Records Best Practice Database SharePoint Organization Digital Security Cameras Smart Devices Small Businesses Buisness IT Technicians IT solutions Cookies Lenovo Cyber Monday Remote Working Displays Memory Legal Writing Proxy Server Data Breach Virtual Reality Google Play Business Growth Recovery Tactics Hotspot Videos Server Management Electronic Health Records Private Cloud Outsourcing Hard Drives Mirgation Nanotechnology Cortana Superfish Identity Theft Wasting Time Domains Trend Micro Twitter Workplace Security Cameras Alt Codes Addiction Language Software as a Service Error Hiring/Firing Refrigeration Management Downtime Chatbots Hosted Solution Screen Reader Distributed Denial of Service Managing Costs Public Speaking Social Engineering Paperless eCommerce Lithium-ion battery Remote Computing Co-managed IT SSID Typing Service Level Agreement Computing Infrastructure Surveillance Technology Care Virtual Assistant Entrepreneur Identity Bookmark Smart Tech Knowledge Tablet Virtual Machine Google Drive Business Communications Alert Scams Medical IT Download Alerts Reviews 5G Managed IT Development File Sharing Hybrid Work Transportation Undo Dark Data Browsers Unified Communications Connectivity Experience Break Fix Hypervisor Google Docs How To Human Resources Optimization Notifications Cables PowerPoint Bitcoin Upload Running Cable Shopping Multi-Factor Security Travel Employer/Employee Relationships Google Wallet Social Network Google Apps Navigation IoT Techology Dark Web PCI DSS Google Maps IT Maintenance Windows 8 Application Trends Laptop Gig Economy Regulations Google Calendar Internet Service Provider Unified Threat Management Business Intelligence Teamwork Drones Customer Resource management IBM Shortcuts Data Analysis Evernote Star Wars Unified Threat Management Microsoft Excel Regulations Compliance Memes Ransmoware Gamification Halloween Staff Social Networking Legislation Net Neutrality Vendors SQL Server Network Congestion Be Proactive Fileless Malware User Error Financial Data History Smartwatch IT Workforce Hacks Content Scary Stories Wearable Technology Motherboard Fun Comparison Procurement Point of Sale Threats Azure Competition Health IT

Blog Archive

2025
2024
2023
2022
2021
2020
2019
2018
2017
2016
2015