Added to the recently discovered security issues in Android is a new malicious application that was present in Google Play. This, although not containing malware as such, had illegal purposes.
It was disguised as an apparent messaging app with which to manage SMS, replacing the native Google Messages application. However, it was enough to read its opinions to see that its purposes were very different, since it did not even work correctly once its objective was achieved.
Permits are, again, the gateway
The application we are referring to is called Symoo, not to be confused with the operator Simyo, and as we said, it appeared on Google Play as an SMS application. There it had a 3.4 star rating, although the reviews weren’t exactly very positive.
He was the French researcher Maxime Ingrao who alerted Google to the problem with this application. And it is that it is enough to open it it was asking permission to read and write SMSwhich, despite being one of the most dangerous permissions to grant, didn’t seem suspicious since Symoo is an SMS app. Then he asked for the victim’s number and that’s when the “show” began..
After providing the phone number, a supposed loading screen appeared where the user had to wait for their authentication to be completed and then enter the main interface of the application. However, that time never came, because in the meantime what Symoo did was using the victim’s phone number to create accounts on multiple platforms
When registering on a platform with a phone number, it is usually sent an SMS with a code to verify the identity of the user. And precisely Symoo has taken advantage of this fake loading screen so that, without the knowledge of the victim, these messages are received and automatically added to the platforms to complete the registration.
According to the researcher, this could be related to the rent the victim’s numbers as “virtual numbers”
Being able to learn about this obscure Symoo operation is largely due to reviewers mentioning that after not being able to use the app and uninstalling it, they found their SMS tray full of verification codes from platforms where they had never registered.
Fortunately, Google acted quickly and, according to information in Bleeping Computer, a company spokesperson confirmed that the app has been deleted. In the same way, they report that the developer has also been banned so that he cannot upload new apps to the store.
Through | bleeding computer