This is shocking. Hackers could be siphoning your money from your smartphone right now and you will not even know it.
Unfortunately, this involves apps. Those are little programs on your smartphone, like Facebook Messenger, WhatsApp, Google Chrome and many others that billions of people like you download and use all the time.
Many of us have become accustomed to thinking that apps are safe. That’s largely due to Apple doing a great job of screening apps for malicious content in its App Store. Microsoft has begun doing that too in its Windows Store.
Sadly, Google has badly stumbled in doing that on its Play Store and that could be costing you money. This is going to be a major black eye for Google’s Android operating system, which runs on billions of smartphones and tablets.
Malicious apps called ExpensiveWall that silently steal your money have bypassed Google’s app screening system, known as Play Protect. In fact, these malicious apps have gotten past Play Protect at least two times.
Here’s how it works. ExpensiveWall uses a process called packing to trick Play Protect. It compresses executable files or encrypts them before they’re sent to Google’s Play Store.
Once on your phone, they unpack and steal your phone number, hardware ID and other information. They then use that information to sign you up for premium services and premium text messages that you’re charged for, without authorizing those charges.
Unbelievably, these malicious apps have been downloaded as many as 4.2 million times!
Make Sure Play Protect is Turned On
Google’s best way to scan for ExpensiveWall, although not perfect, is its Play Protect program.
Here’s what you must do: Make sure Play Protect is turned on. Here’s how to do that (from Google Support).
Check your app security status
You can check the status of Google Play Protect on your device:
- Open your Android device’s Google Play Store app .
- Tap Menu Play Protect.
- Look for information about the status of your device.
Turn Google Play Protect on or off
Google Play Protect is on by default, but you can turn it off. For security, we recommend that you always keep Google Play Protect on.