SIK-2017-027

Title:

Commercial Spyware Downloader in Google Play

Report ID

SIK-2017-027

Summary:

Vendor: dannn
Product: Cell Tracker (Package-name: es.cell.tracker.kids)
Affected Version: 2.1
Severity: High
Short summary: The app offered in the Google Play Store is only a downloader for a commercial spyware product.

Details:

The app offered on the Google Play Store is not the real GPS tracker. Instead, it prompts to user to activate sideloading and download an externally-hosted secondary APK file. This APK file is detected as spyware by various AntiVirus applications. In fact, it leaks data to https://de.spygpstracker.net/, which is a commercial spyware offering.

This is a violation of the Google Play Store terms.

Workaround

–

Suggested Mitigation

–

Timeline

2017-07-12: Issue discovered
2017-07-14: Sent to Android Security Team
2017-07-20: Android removed the malware from Google PlayStore