Malicious App Developer Remains on Google Play

A phone with multiple app icons including messages, Play Store, Phone, Settings and more

Google has been routinely notified about malware-containing apps listed on Play Store, but it has routinely failed at catching already-identified malware code.
Photo: East pop (Shutterstock)

Google is still failing to catch malicious apps from being listed on its app store, but it seems that some developers that have been cited aren’t even being kicked off the platform. Security software company Malwarebytes reported Tuesday that four apps listed by developer Mobile apps Group contain a well-known malware used to steal users’ information. As of the time of reporting, all four apps are still listed on Google Play Store.

Worse still, Malwarebytes wrote that the developer in question has been found deploying malware in its apps before, yet they’re still able to list their apps on Google’s main app store.

The apps are listed by the company Mobile apps Group, whose listing on Play Store includes the tagline “Using the smart app, you guarantee a strong and reliable Bluetooth pairing with any device.” The apps include:

  • Bluetooth Auto Connect
  • Driver: Bluetooth Wi-Fi, USB
  • Bluetooth App Sender
  • Mobile transfer: smart switch

As of time of reporting Wednesday morning, the developer’s malware-containing apps were still available on Play Store.

As of time of reporting Wednesday morning, the developer’s malware-containing apps were still available on Play Store.
Screenshot: Kyle Barr/Gizmodo

Nathan Collier, a malware intelligence analyst for Malwarebytes, wrote that when users first install Bluetooth Auto Connect, there’s a several-day delay before it starts opening phishing sites in Chrome. These sites run in the background even if a device is locked and open automatically when users unlock their phones. These phishing sites reportedly include porn sites that lead to phishing pages or other sites that spam users with messages that they’ve been hacked and need to perform an update.

Mobile apps group has been cited twice in the past for listing malware-infected apps, according to Collier. Other cybersecurity researchers have blogged about an earlier version of Bluetooth Auto Connect. Two days after that blog and subsequent delisting, the developers released a 3.0 version on Google Play, which means those malicious devs did not even receive a probation period. The devs released the current 5.7 version of the…