MALWARE BASED on the open source Kotlin programming language for Android has been found lurking in the Google Play Store.
Trend Micro researchers discovered a malicious app named Swift Cleaner on Google’s Play Store, noting it contained code that allows it to sign up Android users to services without their permission and commit click advertising fraud, as well as steal information.
Basically, it’s pretty typical of the malware that crops up in dodgy apps that have wormed their way past the digital bouncers on the Play Store.
But the crux of the issue is that the malware is the first of its kind to be created from the Kotlin language, which became the official programming language of Android back in May 2017. Some of the top Android apps make use of it, including Twitter, Pinterest, and Netflix.
Google had been spouting that Kotlin has security features that should make apps ‘healthy by default’.
Kotlin contains a null-safety feature, which is designed to eliminate the danger of null references – essentially having values in code that aren’t values which throw up all manner of problems.
However, it would appear that Kotlin can still be used to create infected apps, so as the programming language continues to be adopted, more malware is likely to be constructed from it.
As for the Swift Cleaner app, Trend Micro alerted Google which stripped it from the Play Store, though the security company notes that some 1,000 to 5,000 people had already downloaded it.
The malware itself is rather nasty, able to receive a command to trigger wireless application protocol tasks to enable it to spy on information on a wireless network alongside accessing device data.
That data can then be uploaded to a command and control server whereby it can be used to automatically sign up users to SMS subscription services with premium price tags.
Google has been doing a lot of work to shore-up Android and the Play Store, but inevitably with such an open platform there’s bound to be malware that keeps attempting to get through.
Naturally, mobile anti-virus software can shield Android devices, but if Kotlin is used to create fresh malware, there could be new threats for Google, security firms, and Android users to look out for.
We’d suggest staying away from dodgy apps that look too good to be true as a first step to avoiding nasty malware surprises. µ