Google Let A Malicious App That Could Steal Information Off Your Android Phone Into Its App Store
Mike Nudelman/Business Insider
The report neglected to provide the name of the app, but it was able to alter the icons of other applications on the phone or tablet's home screen.
If a user wanted to launch another program, they would be taken to a phishing site that could steal personal information off the device instead of the actual application.
Computerworld mentions one example of how bad this was bug could be:
"The danger is that attackers could modify the icon of a banking application and fool users into divulging sensitive information on a fake website they've created."
FireEye tested this attack by creating a clone program and submitting it to the Google Play Store for Android apps. The company had no problem publishing the app and users never recieved a warning during the download process. FireEye quickly removed the app.
FireEye wrote that it contacted Google about this issue in October 2013 but a fix wasn't issued for it until February 2014.
Android users are safe from this issue for now, but FireEye's report concludes that security vendors need to move more quickly to fix these problems.
Next Story
A couple accidentally shipped their cat in an Amazon return package. It arrived safely 6 days later, hundreds of miles away.
A centenarian who starts her day with gentle exercise and loves walks shares 5 longevity tips, including staying single 
2 states where home prices are falling because there are too many houses and not enough buyers
"To sit and talk in the box...!" Kohli's message to critics as RCB wrecks GT in IPL Match 45
7 Nutritious and flavourful tiffin ideas to pack for school
India's e-commerce market set to skyrocket as the country's digital economy surges to USD 1 Trillion by 2030
Top 5 places to visit near Rishikesh
Indian economy remains in bright spot: Ministry of Finance
