Google Play app with 500,000 downloads sent user contacts to Russian server



A security firm reported that an app with more than 500,000 downloads from the Play Store has been found to host a piece of software that can be used to send users' contacts to an attacker-controlled server.

At the time this post was being prepared, the Color Message app was still available on the server. I asked the company for a comment, but it was removed more than three hours later.

Color Message offers features such as adding emojis and blocking junk texts. According to researchers at Pradeo Security, Color Message contains malware from a family known as Joker, which has been found on millions of devices in the past.

According to the company, the Color Message application accesses users' contact list and exfiltrates it over the network. The application automatically subscribes to services that users don't know about. The application can also hide its icon to make it difficult to remove.

What Pradeo discovered is the latest instance of malicious wares that harm users of Google's mobile operating system. There is no shortage of apps that the company misses. The security scorecard for the mobile OS is being tarnished by the frequent reports of rogue apps available through Play.

Fleeceware is a category of software. It intercepts text messages in an attempt to get users to subscribe to premium services they never intended to. The tiny footprint of its code makes it hard to detect. Over the past few years, the software has been found in hundreds of apps.

Color Message sends users' contacts to a server that appears to be located in Russia, but it doesn't reveal the extent of the actions the app can perform on users' devices.

Users should be careful before they download apps. A good rule of thumb is to only download apps that provide a true benefit and then to choose ones made by known companies. People should also read the user reviews to check for reports of malice.