Amazon Takes Down BMI CalculationVsn App From Its Appstore After Spotting Android Malware In It
Marketed as a basic body mass index (BMI) calculator, the BMI CalculationVsn app concealed dangerous malware.
Researchers at McAfee Labs recently uncovered a malicious Android spyware app on the Amazon Appstore called BMI CalculationVsn. Disguised as a straightforward health tool, the app secretly harvested sensitive data from devices it infected. Upon being alerted by the researchers, Amazon promptly removed the app from the store.
However, users who downloaded it need to uninstall the app manually and run a comprehensive scan to ensure all remnants are completely removed.
Android Spyware On Amazon Store: What Do We Know?
The Amazon Appstore, a third-party marketplace for Android apps, comes pre-installed on Amazon Fire tablets and Fire TV devices. Among the apps available on the store was the malicious BMI CalculationVsn, published by "PT Visionet Data Internasional." Marketed as a basic body mass index (BMI) calculator, the app concealed a dangerous spyware operation.
When opened, the app presents a straightforward interface that performs BMI calculations as advertised. However, behind the scenes, it engages in covert activities. For instance, it activates a screen recording service, requesting the necessary permissions when users click the "Calculate" button. This action could easily deceive users into granting access without realising its implications.
According to McAfee researchers, the recorded screen captures were saved locally as MP4 files but were not uploaded to a command-and-control (C2) server. This behaviour suggests the app might still have been in its early testing phase. Further investigation revealed that the app was first introduced on October 8. By the end of the same month, it had undergone significant changes, including a new icon, additional malicious features, and updated certificate information.
The app’s second malicious activity involves scanning the device to compile a list of all installed applications, enabling attackers to strategise their next moves. Additionally, the spyware intercepts and collects SMS messages stored or sent from the device, including sensitive data such as one-time passwords (OTPs) and verification codes.
Top Headlines
