This article is from the source 'bbc' and was first published or seen on . It last changed over 40 days ago and won't be checked again for changes.

You can find the current article at its original source at http://www.bbc.co.uk/news/technology-33425413

The article has changed 2 times. There is an RSS feed of changes available.

Version 0 Version 1
Google pulls 'undeletable' app from Play Google blocks 'undeletable' app from Play store
(2 days later)
Google has removed a malicious app from its Play store that disguised itself as a popular program. Google has blocked a malicious app submitted to its Play store that disguised itself as a popular program.
The rogue software spoofed BatteryBot Pro, a legitimate app which monitors how much power a smartphone is using.The rogue software spoofed BatteryBot Pro, a legitimate app which monitors how much power a smartphone is using.
The fake app was able to send premium-rate text messages and blocked people from deleting it, said security company Zscaler on its blog.The fake app was able to send premium-rate text messages and blocked people from deleting it, said security company Zscaler on its blog.
One security expert said people might have to contact their mobile provider if they had downloaded the rogue app. One security expert said rogue apps "exploit consumers" who may not realise what they have installed.
"Malicious apps in the Google Play store are nothing new," said Rik Ferguson, vice-president of security research at Trend Micro. "Android is the most widely installed mobile operating system so it's an attractive user base for attackers," said Rik Ferguson, vice-president of security research at Trend Micro.
"Android is the most widely installed mobile operating system so it's an attractive user base for attackers.
"But undeletable apps like this exploit consumers who store their personal lives on a smartphone. We're reluctant to wipe our handset in case we lose something.""But undeletable apps like this exploit consumers who store their personal lives on a smartphone. We're reluctant to wipe our handset in case we lose something."
The real BatteryBot Pro is an app for Android smartphones that shows a user detailed information about their smartphone's battery life.The real BatteryBot Pro is an app for Android smartphones that shows a user detailed information about their smartphone's battery life.
Like many apps, when installed it asks for permission to access the functions of a smartphone it needs to run.Like many apps, when installed it asks for permission to access the functions of a smartphone it needs to run.
The fake version of the app requested access to features far beyond the scope of a battery monitor, including the ability to send text messages, install other apps and track a user's location. The fake version was submitted to the Google Play Developer Console for the company to approve.
It also requested administrator privileges on the smartphone, to prevent people from deleting it, even after Google had pulled it from the Play store. The app requested access to features far beyond the scope of a battery monitor, including the ability to send text messages, install other apps and track a user's location.
"I would recommend visiting your mobile provider as a first port of call," said Mr Ferguson. It also requested administrator privileges on the smartphone, to prevent people from deleting it.
"This app targets people who are not confident with technology, so I'd recommend seeking help in the High Street stores." "This app targets people who are not confident with technology," said Mr Ferguson.
Zscaler said the rogue app was probably designed to commit "click fraud": tricking online adverts into thinking a genuine user was interacting with them, to earn money for the attacker as part of a revenue-sharing agreement.Zscaler said the rogue app was probably designed to commit "click fraud": tricking online adverts into thinking a genuine user was interacting with them, to earn money for the attacker as part of a revenue-sharing agreement.
Security expert Rik Ferguson has this advice:Security expert Rik Ferguson has this advice:
One criticism of the Android operating system is that it only offers users "binary choices" over security - to either allow an app all requested permissions, or none at all.One criticism of the Android operating system is that it only offers users "binary choices" over security - to either allow an app all requested permissions, or none at all.
"You can't tell the phone, 'I trust Google and Amazon, but nobody else'," said Mr Ferguson, "It's all or nothing.""You can't tell the phone, 'I trust Google and Amazon, but nobody else'," said Mr Ferguson, "It's all or nothing."
Google confirmed the next version of its mobile operating system, dubbed Android M, would give users more control over the permissions apps sought.Google confirmed the next version of its mobile operating system, dubbed Android M, would give users more control over the permissions apps sought.
The fake BatteryBot Pro was removed from Google Play when the company was made aware of what had happened. The fake BatteryBot Pro was removed from Google Play before anybody had the chance to install it.
Google said it did not comment on specific apps, but said it had clear policies for developers.Google said it did not comment on specific apps, but said it had clear policies for developers.
"We remove apps from Google Play that violate those policies," it said."We remove apps from Google Play that violate those policies," it said.