Two free photo-editing apps on the Google Play Store have been found hosting malware that steals personal information. Pink Camera and Pink Camera 2 was downloaded over 10,000 times and it contains simple editing software, but also deploys a malware known as “MobOk,” that collects users’ personal and financial data and sends it back to the Command and Control (C&C) server. Once the app is downloaded, it requires the user to give it device permissions which include Wi-Fi controls and notification access. Then it takes the user on a serious of site redirects to a “subscription” page. Once the subscription is complete, it uses the login credentials to apply for “subscriptions” that will bill the account owner without their permission. Google Play Store has removed both apps from their service.
By Akshay Rohatgi and Randy Pargman About this Student Research Project Binary Defense’s mission is