Introduction
A dangerous Android spyware application, disguised as a health tool, was recently discovered lurking on the Amazon Appstore. The app, named ‘BMI CalculationVsn,’ promised users a simple Body Mass Index (BMI) calculator but was secretly stealing sensitive data from infected devices in the background. Discovered by McAfee Labs researchers, this malicious app has now been removed, but users who installed it need to act fast to remove it manually and ensure their devices are secure.
The Dangerous Spyware App: BMI CalculationVsn
The app, published by ‘PT Visionet Data Internasional,’ appeared on the Amazon Appstore as a seemingly harmless BMI calculator. However, beneath its simple interface lies a sinister purpose. Once downloaded, it triggers several malicious actions designed to compromise user privacy. The app first requests permission to record the device’s screen, a deceptive tactic that tricks users into granting access without realizing the potential risks.
How the Spyware Works
Upon opening the app, users are greeted with a straightforward interface for calculating their BMI. However, behind the scenes, the spyware quietly begins recording the user’s screen. While the recorded videos are stored locally on the device in an MP4 file, they are not sent to a command-and-control server, likely due to the app still being in its testing phase.
Another alarming feature of BMI CalculationVsn is its ability to scan the device and collect details of all installed applications. This enables attackers to plan their next moves, further compromising user security.
Stealing Sensitive User Data
The spyware doesn’t stop there. It also intercepts and collects SMS messages stored on the device, including sensitive information such as one-time passwords (OTPs) and verification codes. This means attackers can access critical data, potentially putting users at risk of identity theft and other malicious activities.
How It Ended Up on the Amazon Appstore
The Amazon Appstore, while a legitimate platform, often becomes a target for malicious app developers. This third-party app store, pre-installed on Amazon Fire tablets and Fire TV devices, offers an alternative to Google Play for Android users who prefer not to use Google’s platform. However, the BMI CalculationVsn app, despite appearing legitimate, slipped through Amazon’s app review process, demonstrating the risks of lesser-known app stores.
What You Need to Do if You Installed It
If you have already installed BMI CalculationVsn, it’s essential to take immediate action. McAfee Labs has already informed Amazon, leading to the app’s removal from the store, but affected users must manually uninstall the app and conduct a full security scan on their devices to remove any lingering traces of malware.
Staying Safe: Tips for Android Users
To avoid falling victim to such spyware, it’s crucial to stick to trusted app sources. Always download apps from reputable publishers, especially on third-party app stores like the Amazon Appstore. Additionally, scrutinize app permissions and deny those that seem unnecessary or suspicious. Keeping Google Play Protect activated on your Android device is another essential security measure that can help detect and block known malware from App Security Alliance partners like McAfee.
Conclusion
The discovery of the BMI CalculationVsn spyware on the Amazon Appstore serves as a stark reminder of the dangers lurking in third-party app stores. While the app has been removed, users who installed it are at risk of having their sensitive data compromised. Staying vigilant, sticking to reputable app sources, and maintaining active security measures are key steps to protect your privacy and avoid falling victim to malicious apps.
Discover more from Open Security Labs
Subscribe to get the latest posts sent to your email.
