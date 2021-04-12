Kaspersky Lab researchers discovered a security threat in APKPure. It is an alternative application store to Google Play Store. This allows you to install Android applications that are not available in the official Mountain View store because they have been withdrawn or due to lack of compatibility.

The threat, as indicated by Kaspersky, could show an avalanche of unwanted ads and, through some of them, install malware on mobile device. The application affected with the malicious code is APKPure 3.17.18, and there is already a new version available that fixes the problem.

As for the functionality of the threat, it is found in one of the application’s code strings. When running, the app extracted data from the victim’s phone without their consent. Also, it played ads on the lock screen.

Another characteristic of the malicious code that APKPure contained was loading additional software. The security company detected a Trojan related to Triada. It can perform a variety of unwanted actions by the user. For example, running adware campaigns, displaying paid subscription ads, and downloading other software.

Kaspersky Lab mentions that it alerted the APKPure developers last Thursday. Just one day later the app was updated and it is recommended that everyone install the latest version which removes the threat. Researchers believe that the company ended up installing the malicious code by using an unverified development kit (SDK).

A security problem that goes beyond APKPure

APKPure has been available since 2014 and, as we mentioned earlier, allows access to applications and games not “officially” available on Android. The truth is that it is an alternative application store to the official one and, Although Google Play Store has had security problems, it is not recommended to install applications outside of it.

In recent times, security experts have insisted that applications installed outside the official stores of mobile operating systems can include threats. Many times, the malware that reaches Android terminals comes from apps from unidentified developers.

