What seemed like a harmless, easy-to-use messaging service for Android users proved to have a dark ulterior motive.
Taking the phone numbers of all who downloaded it and allowing others to “rent” them for use on an account creation service.
Thankfully, thanks to an intrepid security researcher, the app has been successfully shut down.
Caught ‘Read’ Handed
The Symoo app billed itself on Google Play as “JustSms is simple to use SMS application.”
While the shockingly poor grammar should have been a serious red flag to begin with, the app somehow managed to attract over 100,000 downloads, and earn a rating of 3.4 on Google Play.
Though not all the reviews were raves.
Indeed, plenty of users immediately noticed that something was off, reporting how the app asked for a one-time password upon installation and seemed to be hijacking their phones.
These red flags also caught the attention of Maxime Ingrao, a French security researcher currently employed at the cybersecurity company Evina.
Upon learning of the Malware attached to the app, Ingrao shared exactly what Symoo did on his Twitter page.
Accompanied by screenshots, Ingrao explained how Symoo read and sent all messages directly to a server specifically designed to sell “account creations”, allowing people to use phone numbers to verify they’re real, and then used the phones infected by the service to authenticate these fake accounts through messages. Ingrao went on to point out how Symoo was the No. 1 new SMS app in India, where over 100,000 people fell victim to it.
How exactly did it work?
Ingrao went on to explain that Symoo first took people’s information by asking for the user’s phone number on the login page.
While the next screen made it appear to users that the application was loading, it was all a cover-up, hiding the interface of their number being sent to various subscription services.
Once the app finished loading, it would freeze, prompting users to delete the app.
However, their phone numbers had already been apprehended by then, and the user’s phone numbers were used to create fake accounts on numerous platforms, including Facebook and Instagram.
Ingrao then shared that he was able to track the malware back to a domain called “goomy[dot]fun”, a domain used by an app called Virtual Numbers.
Virtual Numbers happened to be created by the same developers of Activation PW, a website offering users numbers from more than 200 countries they can use to create fake accounts.
According to Bleeping Computer, users could rent a number for as little as 50 cents to verify a fake account.
Thankfully, a Google spokesperson later confirmed to Bleeping computers that both Symoo and Activation PW have been removed from Google Play, and the developer has been banned.
Be Careful What You Download
It’s easy to get carried away and download any app that seems like something you’d enjoy.
Then too, if it’s available on Google Play, it must be safe, right?
Unfortunately, as seen above, that isn’t a guarantee. Rouge unsafe apps have regularly found their way onto Google Play app store before being removed long after compromising thousands of people.
Thankfully with these commonsense tips, it’s not too difficult to discern which apps one should probably avoid.
Check the rating.
If most of the ratings for the app sit at two stars or less, and users seem to be struggling to find anything good to say about it, then it’s likely one to avoid downloading.
Make Sure your software is up-to-date.
Luckily, certain malware isn’t able to function on the most up-to-date software, so always be sure that your devices, be it an iPhone, Android, as well as your browser, are updated on a fairly regular basis.
Download an Antivirus App.
Installing antivirus software on your devices is one of the most surefire ways of ensuring you’ll be protected from malware and phishing scams.
With its easy setup, real-time anti-malware protection, and excellent customer service, TotalAV is one of the most reliable Antivirus services available today. You can read my Best Antivirus Reviews of the top protection for PC, Mac, Android and iOS devices by searching ‘Best Antivirus’ at CyberGuy.com.
Never download any app from a link sent to you
The most important tip is to avoid linking from social media, a text or email to download any apps from a source other than the official Google Play store and Apple App Store.
If you have even the tiniest iota of doubt about the safety of an app, always best to go with your instincts and leave it off your phone.
Copyright 2023 CyberGuy.com. All rights reserved. CyberGuy.com articles and content may contain affiliate links that earn a commission when purchases are made.