An average person would want to believe that all the applications in Google’s Play Store are verified and safe to install and use.
But there have been cases where Android malware has indeed been detected within the Play Store—Google has a dedicated security research team to detect such rogue applications and remove them.
Some of these apps could pose a serious threat to users’ devices and data, while others seem less hazardous but are still not approved by Google.
But now, the team has detected a particularly dangerous malware program going by the name Lipizzan.
An Israeli Firm Behind the Malware
It has been inferred that the Lipizzan spyware has been developed by an Israeli firm, Equus Technologies. The only background information about this firm appears to be from its profile on LinkedIn.
This profile appears to suggest that the company assists law enforcement agencies with their unique solutions. But going beyond the identity of the creator of the app, it is essential that the risk involved with the Lipizzan spyware has to first be understood.
The Malware Can Cause Serious Harm
Google’s security team found that the Lipizzan spyware was listed under specific categories in the Android Play Store. One of them could be as innocuous as a “cleaning” or “backup” app. If a user installs the app by mistake, it would act in a two-stage operation.
The malware installs a verification certificate and then starts scanning the device and transmitting data to a remote server, which acts as the command center.
The information therein exported can include practically everything present on the device such as files, phone call records, and even data present on most frequently used communication apps like Gmail, WhatsApp, Skype and other similar platforms.
There is no doubt that the Lipizzan spyware can instantly compromise the security of the implicated device and its owner.
Purpose Not Clear
Though Google has managed to detect the Lipizzan spyware and has arranged to have it removed from the Play Store, there are a few questions yet to be answered.
The most critical would be why would this company from Israel want to plant such an app on the Google Play Store, and who would have been their targets?
Particularly, when you consider that there are billions of Android devices across the world, it raises the question of which specific region or country the Lipizzan spyware expected to target.
Google’s research team might not be immediately concerned with these questions, since their primary duty would be to detect and eliminate any malware that can jeopardize the security of their customers.
Only Around 100 Devices Infected
According to the feedback received by Google, only 100 or less Android devices had been infected by installing the Lipizzan spyware. Google claims that these devices have since been sanitized and the threat removed.
How to Protect Your Device?
Google has an effective remedy already available on the Google Play Store, called Google Play Protect. This is a resident application with the job to scout for any offending malware and remove them from the store.
The Lipizzan spyware was also detected and removed by this tool only. To ensure that you stay protected from any such malware program, you should opt into the Google Play Protect solution.
Besides this, you should check if the app you’re planning to install is only from the official Play Store and not from any unauthorized sources.
Even when you attempt such downloads, Google will warn you to be cautious with the installation. Android operating systems have a feature under ‘Settings’ where you can choose the ‘Verify apps’ option. This can help you avoid installing unwanted applications on your device.
In addition to all these precautions, you should always update your phone or other Android device with the latest security patches released by Google. It’s also helpful to follow cybersecurity news to be aware of the names and styles of malware being detected and reported by experts.
This way, even if any attempt is made on your device to plant a malware, you can remain alert and avoid downloading or installing such files, programs or apps.