Android, 500 apps discovered stealing user data

According to Lookout, a development kit embedded in the affected apps could be exploited by hackers to spy on users.

There is no peace for owners of Android devices, who are regularly targeted by hackers. About 500 applications have been discovered that contain a package which, if modified, allows cybercriminals to perform a series of malicious functions on the devices.

This is the finding of an investigation by researchers at Lookout, a well-known company specializing in security for mobile devices. The program in question is not malicious in itself. It is Igexin, a software development kit (SDK) that allows apps to deliver targeted ads based on users’ interests. According to experts at Lookout, the kit could be exploited by hackers to install spyware, dangerous malware used to acquire sensitive information, on the devices of victims who have downloaded one of the 500 apps from the Play Store.

The risks for users

As Lookout, the company that discovered the vulnerability, points out, not all apps using Igexin have been used by hackers to spy on users. The issue is a different one: the danger posed by the development kit itself. If altered, it could allow cybercriminals to install the payload, that is, the malicious software, on mobile devices. The privacy risks are many: the plug-in could allow criminals to access much of the data stored on smartphones.

Unbeknownst to developers

According to Lookout, apps that make use of Igexin have been downloaded from the Play Store more than 100 million times. The fault apparently doesn’t lie with the apps’ programmers. The software, when released in Google’s store, does not contain any malware. By exploiting the development kit, hackers execute malicious code later, from the server to which Igexin connects, without the authors of the targeted apps knowing anything about it.

Following Lookout’s discovery, vulnerable apps have been removed from the Play Store, while others have been replaced with an updated version that no longer includes the dangerous plug-in.