Amazon Appstore: Hackers’ Secret Backdoor Exposed

Hackers are exploiting Amazon's Appstore to distribute malware. It's crucial to immediately remove this malicious app to safeguard your data.

The Invisible Threat on the Amazon Appstore

McAfee Labs researchers have uncovered a covert threat lurking within the Amazon Appstore. Disguised as a benign health app, it has the potential to infect top Android phones with dangerous malware. Vigilance is crucial when downloading apps, even from official platforms.

Wolf in Sheep’s Clothing

The app in question, BMI CalculationsVsn, masqueraded as a simple body mass index (BMI) calculator. On the surface, it provides a basic interface for users to input their weight and height to calculate their BMI. However, once activated, it initiates a slew of malicious activities in the background. “It starts recording the user’s screen as soon as they hit the ‘Calculate’ button,” McAfee researchers reveal.

A Disturbing Modus Operandi

This recording feature is likely used to capture gesture passwords or sensitive data from other apps. Furthermore, the app can scan the victim’s device to list all installed apps, potentially identifying targets for more sophisticated attacks. Additionally, it collects every text message received on the infected phone, possibly aiming to capture one-time passwords (OTP), verification codes, or other sensitive information sent via SMS.

How to Protect Against Such Threats?

Exercising extreme caution when downloading new apps is essential. This includes checking ratings and reviews, seeking out external reviews, or even video reviews that showcase the app in action. Sticking to well-known and trusted applications, often listed in app store rankings, is a good strategy to avoid installing malicious software on your Android devices. Additionally, for enhanced protection, employing one of the top Android antivirus applications alongside Google Play Protect is highly recommended.