Android Apps Found on Google Play Download Spyware (click for full article) by Emil Protalinski - May 11, 2013 "A new piece of Android malware has been discovered with two components: a downloader available on Google Play and the spyware app it downloads. The authors have disguised their scheme under the guise of font-installing apps. The threat, detected as "Android.TechnoReaper" by security firm Webroot, thankfully does not appear to be too popular. It is rather cleverly disguised though, as the security firm points out: Offering an app that claims to download more content is a rather simple way to bypass Google Play's security systems. This is a perfect example of why humans need to approve apps before they can arrive in an app store, and why each feature needs to be tested thoroughly. We have verified that the two apps found by Webroot are still available on Google Play. The good news is that the first app had less than 100 downloads and the second had somewhere between 10,000 and 50,000 - hardly popularly apps by Android's standards. It's not currently clear if other similar apps are available, but it's easy to see how they could be modified from claiming to push fonts, to other content, such as music, videos, or games - this would lead to a dramatically larger potential install base. What is downloaded by these apps could also be modified by simply plugging in a different URL, as you can see from the apps' code:"