The problem of risks associated with the installation of apps on Android smartphones is a long-standing one: in a cyclical game of cops and thieves, criminals try to evade the surveillance systems that should guarantee the safety of users’ smartphones. Sometimes, this is not enough: this time the news is the presence of malware on Samsung’s Galaxy Store, a store similar to that of Google designed specifically for the Android smartphone family of the Korean giant.
The report comes from one of the major analysts and leakers of Samsung products and software features, Max Weinbach, a freelance editor at Android Police, one of the most authoritative resources for news and scoop on the world of the green robot. Looking for an alternative download for the popular Hulu streaming app – one of the best services to stream movies on Android if you have a VPN – temporarily unavailable on the Google Play Store for your Samsung smartphone due to a recent update, yes came across a unique Google Play Protect security warning.
This Google Play Protect warning indicates that the app in question, a Showbox clone, could be dangerous. Since Play Protect comes into action even when you try to install applications from sources that are not considered safe, such as the Play Store, the Android Police colleagues contacted the Android linuxct security expert to investigate the matter.
The risks of malware on the Galaxy Store
From the analysis of the apps on the Samsung Galaxy Store deemed unreliable, all of which were clones of the most famous Showbox now no longer available, a rather worrying picture emerged. According to the analyst, the offending apps do not directly contain malicious code but have the technology necessary to install and run malware. Not only that, apps require permissions to access resources that they normally shouldn’t require, such as the complete call log and access to the contacts directory.
I gave Huawei shit for this, gonna do it to Samsung too.
Samsung is hosting literal malware on the Galaxy Store. Google’s anti-virus protection software, built into Play Services, stops the install.
I’ve found at least 5 of these apps in a row on the Galaxy Store. pic.twitter.com/LiiDJtGwmb— Max Weinbach (@MaxWinebach) December 27, 2021
For those unfamiliar with it, Showbox was one of the most popular third-party streaming apps: at its peak it allowed users to connect to a large number of streaming service sites and torrent clients to watch content, often violating copyright. An app that, despite having always pronounced itself against the specific use for piracy works, has always been considered by the community as a tool for watching pirated content. The offending apps that present malware on the Galaxy Store seem to be clones of Showbox, which has not been available for some time on the Google Play Store.
The ability to download malicious code seems to stem from the advertising technology used by these apps, which could become a trojan/malware at any moment. One of these apps’ apks was sent to Virustotal for a full scan, returning more than a dozen low-level alerts found in other Android viruses – nothing to worry about when taken individually, but potentially dangerous when added to everything else.
Although there is no counter for installations on the Samsung Galaxy Store like on the Google store, there are hundreds of reviews for the offending apps. Potentially this data translates into thousands or tens of thousands of users who could jeopardize the security of their smartphone without knowing it, considering the Samsung store a safe source from which to download applications.
Both the Google Play Store and the Apple App Store have been the victim of attackers who illegally smuggled hidden code into seemingly harmless apps. Many of these apps just collect a large amount of data and send it to third-party services, probably for profit. However, this does not discount Samsung’s negligence, which has the duty, like other providers, to guarantee the security of the applications on its alternative store.
While trying to clarify this matter, as always, we invite you to download apps responsibly and only from certified sources. What do you think about it? Have you ever downloaded apps from third-party stores, and if so why?