Threat actors managed to upload a spyware-serving radio app to the Google Play Store twice within two weeks, ESET discovered. The app was called Radio Balouch and while it actually worked as advertised, it also infected users with AhMyth, an open-source remote access spyware tool.
After the app made it onto the official Andoid store in early July, it was spotted by an ESET researcher who alerted Google. The tech giant removed the app, but less than two weeks later it was successfully uploaded once again. Google eventually banned the app for a second time, but this incident shows that despite Google ‘s efforts to fight malicious apps, the vetting process of the official Android store remains fundamentally flawed.
Read more: Open-source spyware bypasses Google Play defenses — twice