The applications, which may contain just a link to a website, can be hard to assess using automated analysis A steady stream of questionable applications is flowing daily into Google’s Play store for Android devices, according to security vendor Symantec.Over the last seven months, Symantec found more than 1,200 suspicious applications in the Play store. Google removes many shortly after they’re published, but others stay in the store for a few days.“Although they have short lives, the apps must provide ample profit for the scammers as they show no signs of halting their development of new ones,” wrote Joji Hamada of Symantec.The applications can be difficult to assess and employ a series of maneuvers and layers in order to attempt to rip off users. Hamada wrote one application aims to get users to subscribe to an online adult video site at a cost of more than US$3,000 a year. The application’s sole purpose is to launch a link to an adult website.The website then asks the user to register in order to play videos. An email form is drafted, and the user is asked to hit send. The email, sent to the user, contains a link to another service on a different website. This time, the user is prompted to enter a password. If that button is clicked, the phone is supplied with a number. When called, the number gives out a password. The person is then given registration details and told of a AY=315,000 ($3,200) annual fee that is due within three days.Applications that launched only links “can be almost impossible for any system to confirm anything malicious,” Hamada wrote.“The manual steps required in this scam is another strategy used to keep the apps on the market as long as possible,” Hamada wrote. “Human analysis may be the only way to discover these sorts of apps.”Apple closely examines applications submitted for its App Store, which has kept its marketplace relatively free of malware. Google also scans applications in the Play store. It also added a feature to the latest 4.3 version of the Android OS that scans any application for malicious code.More than 100 applications similar to the adult videos one have been published on Google Play since the beginning of the month, Hamada wrote. Thirty applications from three developers are still in the market.Symantec informs Google when it finds such applications, he wrote, but the scam applications flow into Play daily. Many of the applications float into some of the top keyword searches, apparently as the result of abuse of Play’s search function. Send news tips and comments to jeremy_kirk@idg.com. Follow me on Twitter: @jeremy_kirk Related content feature How to pick the best endpoint detection and response solution EDR software has emerged as one of the preeminent tools in the CISO’s arsenal. Here’s what to look for and what to avoid when choosing EDR software. By Linda Rosencrance Sep 25, 2023 10 mins Intrusion Detection Software Intrusion Detection Software Intrusion Detection Software feature Top cybersecurity M&A deals for 2023 Fears of recession, rising interest rates, mass tech layoffs, and conservative spending trends are likely to make dealmakers cautious, but an ever-increasing need to defend against bigger and faster attacks will likely keep M&A activity steady in By CSO Staff Sep 22, 2023 24 mins Mergers and Acquisitions Data and Information Security IT Leadership brandpost Unmasking ransomware threat clusters: Why it matters to defenders Similar patterns of behavior among ransomware treat groups can help security teams better understand and prepare for attacks By Joan Goodchild Sep 21, 2023 3 mins Cybercrime news analysis China’s offensive cyber operations support “soft power” agenda in Africa Researchers track Chinese cyber espionage intrusions targeting African industrial sectors. By Michael Hill Sep 21, 2023 5 mins Advanced Persistent Threats Cyberattacks Critical Infrastructure Podcasts Videos Resources Events SUBSCRIBE TO OUR NEWSLETTER From our editors straight to your inbox Get started by entering your email address below. Please enter a valid email address Subscribe