by phh 1609 days ago
This article is IMO greatly exaggerating the issues there (please note that the Google store shows that the app targets only Android >= 8.0; this has a huge impact on what's to follow).

List of perms from the article:

> Collect and send users’ application list and localization to its perpetrators, so they can leverage the information to perform attacks targeted towards individuals in specific countries that use specific mobile applications, instead of massive untargeted attack campaigns that would risk exposing them,

Yeah okay, giving access to the internet to an app enables the app to know what the country of the user is. Even knowing the language of the app reveals that. I'm sorry, but seriously, what are we supposed to do against that?

> Disable the keylock and any associated password security,

Listed on the Play Store.

> Download third-party applications under the shape of alleged updates

This doesn't allow downloading apps silently. Every time you install or update a new app, this makes a huge, annoying, confusing popup, where you need to know where to click, and there are three such places! I even hate Google for how complicated it is. Criticizing Android for this is stupid.

> Freely perform activities even when the app is shut off,

I honestly don't know what they are talking about; that's pretty much always the case for all apps, there is no permission for that...? This is of course an issue wrt power drain, and Android is taking new countermeasures against that power drain regularly. But that's just a power drain, nothing else.

> Overlay other mobile applications’ interface using a critical permission called SYSTEM_ALERT_WINDOW for which Google specifies “Very few apps should use this permission; these windows are intended for system-level interaction with the user.”

This has indeed been very controversial. There are many great features that can be built with this. But the handling of this at Google has precisely been that apps need to be whitelisted manually Google-side to be allowed this permission, or go through a super complicated menu to enable it.

Overall, I have a very hard time believing this malware is anything but a PoC made by the anti-virus seller itself.

Edit:

One thing I forgot to mention. Many permissions in Android (like in iPhone) are DYNAMIC. Which means that users NEED to EXPLICITLY approve the usage of those permissions.

Google Play Store lists only the permissions that are granted without the user's explicit approval.