- A malicious app called "File Manager" managed to infiltrate the Google Play Store, collecting sensitive user data.
- The malware, known as KoSpy, was linked to North Korean cybercriminal groups and enabled mass surveillance.
- Google quickly removed the app after receiving the report from cybersecurity firm Lookout.
- Users should exercise caution and review app permissions before installing them to avoid similar threats.
Google's app store for Android devices, the Play Store, remains the primary distribution channel for millions of apps worldwide. However, despite the security measures implemented, Some threats occasionally manage to slip through. On this occasion, A malicious software disguised as a file manager put users at risk.
The malware, identified as KoSpy, was camouflaged under a application called «File Manager». Although it appeared to function as a legitimate file manager, it actually concealed spyware designed to collect information from infected devices and send it to servers controlled by attackers.
Spyware disguised as a harmless utility
The File Manager app was analyzed by security firm Lookout, which discovered that it contained the KoSpy malware. This type of malware is often used to theft of personal data and monitoring of infected devices. In this case, researchers found links with North Korean hacking groups, such as APT37 and APT43, known for cyberespionage campaigns.
KoSpy had access to a large amount of information, including SMS messages, call logs, location data, files stored on the device, and even keystrokes. In addition, it could activate camera to take photos without consent, record audio and perform screenshots in background.
For these reasons, it is essential to be informed about how protect our personal data against threats of this type.
Quick removal by Google
Once Lookout detected the threat, it informed Google, which proceeded to delete the application from the Play Store and disable any related projects hosted on Firebase, a cloud services platform used by the malicious app.
A Google spokesperson confirmed that all users with devices running Google Play Services were automatically protected, as Play Protect blocks known versions of malware even if they come from external sources.
It is important to mention that the use of security tools such as Google Play Protect It is vital to prevent the installation of harmful software. For those who need more information on how apply preventive measures, there are various online resources.
How to protect yourself from malicious applications
Despite Google's efforts to keep its app store secure, it is critical that users adopt certain security measures to avoid being victims of similar attacks:
- Check app permissions: If a file management app requests access to your camera, microphone, or messages, it could be suspicious.
- Download apps only from trusted sources: It is advisable to obtain applications from the developers' official websites and avoid unknown links.
- Check reviews and ratings: Analyzing other users' reviews can help you detect fraudulent apps before you install them.
- Use security solutions: Having tools like Google Play Protect and, in some cases, third-party antivirus can add an extra layer of protection.
In addition to the measures mentioned above, it is advisable to inform yourself about how avoid malware on mobile devices and protect sensitive information.
The "File Manager" case is further evidence that malicious actors They continue to find ways to circumvent Google's security measures. and other digital platforms. Although on this occasion The impact was limited due to the rapid action of cybersecurity experts and Google, this type of attack highlights the need to be vigilant about the applications we install on our devices.
I am a technology enthusiast who has turned his "geek" interests into a profession. I have spent more than 10 years of my life using cutting-edge technology and tinkering with all kinds of programs out of pure curiosity. Now I have specialized in computer technology and video games. This is because for more than 5 years I have been writing for various websites on technology and video games, creating articles that seek to give you the information you need in a language that is understandable to everyone.
If you have any questions, my knowledge ranges from everything related to the Windows operating system as well as Android for mobile phones. And my commitment is to you, I am always willing to spend a few minutes and help you resolve any questions you may have in this internet world.