North Korea Invades Facebook and Google Play
By: Jim Stickley and Tina Davis
June 9, 2018
Oh yes, they did. Earlier this year, three apps on Google Play were discovered linked to North Korea (NK). Two were disguised as security apps and the third involved food ingredients. There are very strong indications that a NK group known as Sun Team is behind the bogus app attacks. Once downloaded, they steal user device information including text messages, photos, and contact lists. The apps targeted NK defectors, using Facebook to contact the defectors and initiate the downloads.
Just a few years ago, another NK group of hackers attacked Sony Pictures before the release of a movie portraying Kim Jung Un in an unflattering light. The group known as Lazarus wreaked havoc on Sony Pictures, publicly releasing sordid information about its executives, active scripts, and other valuable data. It eventually led Sony to cancel the theater release of the movie. Lazarus is also believed to be the brains behind the WannaCry malware that shut down financial institutions and hospitals worldwide. Security experts find similarities between Lazarus and Sun Team including similar code and NK cultural references.
Although Sun Team used Google Play Store and Facebook to disperse their malware apps to defectors, it’s quite possible these could also be downloaded by those other than the intended targets. That brings to light the string of malware-laced apps found on Google Play Store. They target anyone and everyone and steal valuable data from users. Millions have downloaded infected apps from Google Play as well as sideloading them from third-party sites. Aside from stealing personal data, others hid pornography in games targeting children. Since hackers clearly have no moral code, taking precautions before downloading apps is the best defense. Remember that just because they cost money, doesn’t make them malware-free.
Third-party and sideloading are major contributors of malware-infected apps with millions already downloaded. Google Play Store and Apple App Store do what they can to find and delete the apps on their sites, but they can’t stop all of them. App enthusiasts are warned to download only from the official app stores, but not before doing their homework. Thoroughly investigating the apps, including customer reviews is a necessary precaution, particularly for apps targeting children. If a country like NK can invade app stores – and they are – random hackers easily do the same. You can bet on it.