Google Play Steps Up Crackdown on Malicious Cryptocurrency Apps

Cryptocurrency malware has repeatedly appeared on Google Play in recent months, and Google appears to be working actively to curb the trend.

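Previously, security researcher Lukas Stefanko found a counterfeit of the cryptocurrency app MyEtherWallet on Google Play; the app steals users' private keys and covertly drains their funds.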





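Last December, another malicious MyEtherWallet lookalike made its way into the Apple App Store and at one point even became the third most popular app in the Finance category. Reports indicate that more than 3,000 people downloaded the mobile app before Apple finally took it down.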

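More recently, an app with a built-in cryptocurrency miner also slipped onto the App Store, even though Apple had not previously allowed such programs to be listed.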

The real problem, however, is that such malicious lookalike apps appear on Google Play at a far higher rate and speed than on other platforms.

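Research from cybersecurity firm RiskIQ shows that there are 661 illegitimate cryptocurrency apps across more than 20 mainstream app platforms (including Google Play and the App Store). Of these, 272 come from Google Play, while APKFiles, in second place, has only 54 such apps.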

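However, malicious cryptocurrency software accounts for only a small portion of the problematic apps on the Play Store. Google reportedly removed 700,000 “problematic apps” in 2017 alone.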

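To fight attackers, Google launched its Play Protect security feature last year, which is intended to ensure that apps downloaded from its software store are free of the security problems described above.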




Google is suffering from an epidemic of malicious cryptocurrency apps on the Play Store – and it seems the internet giant is struggling to curb the influx.

Security researcher Lukas Stefanko has come across another rogue copycat of popular cryptocurrency app MyEtherWallet designed to steal your private keys and surreptitiously drain your funds.

But here is the worst part: the malicious app purportedly remained available to download for four days before the Big G purged it from its software distribution platform, according to the researcher.

Fortunately, it appears that nobody downloaded the app during the four-day window it remained in the wild.

What is more problematic is that this is hardly the first time malware-infested software has slipped past Google’s security mechanisms.

In fact, this marks at least the third such occasion since the beginning of this year. Google was forced to remove another corrupted instance of MyEtherWallet back in January; more recently, the company purged a malicious Poloniex app designed to phish users’ credentials and private keys.

While data suggests that some of these malicious apps hardly got any traction, the MyEtherWallet copycat which made its way to the Play Store in January was downloaded between 100 and 500 times before it got taken down. One of the reasons it managed to garner some success was probably because it remained on the Play Store for almost a week.

Indeed, researcher Troy Mursch has since remarked that Google has absolutely “no excuse” for failing to prevent malicious apps from popping up on the Play Store. “Slow abuse handling only provides more incentive for apps like this to be published,” Mursch said on Twitter.

For the sake of clarity, Google is not the only software distributor that has struggled to thwart the spread of malicious crypto apps on its platform.

Last December, another infected instance of MyEtherWallet made its way to the top of the Apple App Store; in fact, it was the third most popular app in the Finance section at one point.

Reports suggest that more than 3,000 people downloaded the shifty app before Apple eventually took it down.

More recently, Apple had a similar mishap after it allowed a sketchy Calendar app with a built-in cryptocurrency miner on the App Store – despite the fact its policy strictly deems such monetization strategies “unacceptable.”

The real problem is that such blunders fly past Google and its Play Store at rates disturbingly higher than on any other platform.

Research from cybersecurity firm RiskIQ indicates it found 661 illegitimate cryptocurrency apps distributed across some 20 official software stores – including the Play Store and the App Store.

Out of these, a staggering 272 appeared on Google Play. By comparison, the second store on this list, APKFiles, accounted for 54 such apps.

In all fairness, cryptocurrency software comprises only a small chunk of all infected apps hosted on the Play Store. To give you some context, the company reportedly purged 700,000 “problematic apps” in 2017 alone; statistics suggest that Google houses a total of more than 3.5 million apps on its store.

In an effort to battle attackers, last year Google introduced its Play Protect security feature, designed to ensure there is nothing funny going on with apps downloaded from its software store.

While it is true that phishing sites have long lingered on Google Search, there is a certain (added) expectation of security that comes with downloading apps from official software platforms. We trust such apps because we assume that Google – or whoever is responsible for distribution – has vetted them.

But as Stefanko’s recurrent findings show, the mechanism is incapable of keeping up with the attackers’ ever-evolving methods, and unless Google finds a more efficient way of counteracting such ill-intended efforts, it is only a matter of time before someone gets burnt.






