Spyware app found on Google Play store
A critical spyware app, named Radio Balouch, was reported to have been found in the Google Play store. Also called as RB music, this app is said to have to steal personal user data from smartphones. This was discovered by an ESET security researcher named Lukas Stefanko
It poses as a legitimate radio streaming service for Balouchi music followers, except that it comes at the cost of first-of-its-kind malicious activities.
The malicious actors managed to sneak the app into the official Google Play store twice and was promptly removed by the Google security team after notification by Stefanko.
Stefanko and ESET researchers conducted an extensive investigation and published a detailed report. “The fact Google let the same developer post “this evident malware” to the store repeatedly is “disturbing,” said Stefanko in the report.
According to Stefanko, the malicious Radio app still exists in many third-party Android app stores. It is also distributed from a dedicated website named (radiobalouch[.]com). In addition to these efforts, the malware actor is also distributing the malicious app via Instagram and a dedicated YouTube channel. Apparently, their YouTube channel has not seen any promotion hence the total views on the video counted to a mere 21 views, said Stefanko.
An Alert for Android users and Google Play store
“The repeated appearance of the Radio Balouch malware on the Google Play store should serve as a wake-up call to both the Google security team and Android users,” Stefanko said. “Unless Google improves its safeguarding capabilities, a new clone of Radio Balouch or any other derivative of AhMyth may appear on Google Play.”