Samsung's Galaxy Store Spreading Applications That Might Infect Smartphones With Malware

Samsung’s Galaxy Store Spreading Applications That Might Infect Smartphones With Malware

Many Showbox movie piracy app clones Samsung is distributing through its Galaxy Store might infect users’ devices with malware. Last night, Android Police’s Max Weinbach first noticed the problem, noticing a few Showbox-based applications on the Galaxy Store, some of which prompt Google’s Play Protect warning when installed. 

Virustotal’s examination of one of the Showbox apks reveals over a dozen low-grade security alarms ranging from “riskware” to adware. Some applications also ask for more rights than you may think, such as access to your contacts, call records, and phone.

For additional information on these vulnerabilities, Android security analyst linuxct was contacted. Following further analysis, it was discovered that the app’s ad tech is capable of dynamic code execution. In other words, while the program as provided may not directly contain malware, it may download and execute another code, which may include malware. 

As per Linuxct, this feature has relatively few valid uses, and it might readily be weaponized. As a result, it might become a trojan/malware at any time, making it dangerous and explaining why so many vendors reported it in VT/Play Protect. Similar difficulties have been reported in at least two Showbox apps on the Galaxy Store. However, it’s possible that more are affected as well.

On the other hand, Samsung isn’t only releasing apps that might expose consumers to malware. These apps are all clones of Showbox, a well-known application that has a reputation for facilitating piracy and offering access to protected content such as movies and TV series.

According to the app’s description, it does not contain pirated material or allows piracy. When checking each of the problematic programs individually, as per the nature of warnings associated with their installation, researchers could not identify whether the apps now enable access to pirated material.

On the other hand, the name has that reputation, and other “experts” who prefer anonymity warn me that the app formerly permitted piracy. Showbox’s self-hosted sources make similar claims, touting the application as a “movie database” app with an integrated VPN — wink wink.

As per the Showbox subreddit, Showbox is “down” and has been for about two years, and third-party websites and applications claiming to be linked are “fakes.” It’s worth noting that none of the applications in question are available on Google’s Play Store.

About the author

CIM Team

CIM Team

CyberIntelMag is the trusted authority in cybersecurity, comprised of leading industry experts for over 20 years, dedicated to serving cybersecurity professionals. Our goal is to provide a one-stop shop for knowledge and insight needed to navigate throughout today’s emerging cybersecurity landscape through in-depth coverage of breaking news, tutorials, product reviews, videos and industry influencers.