A lightweight app comes with some heavy consequences, researchers say

Avatar

An app supposedly built for calculating a person’s body mass index (BMI) is actually information-stealing malware, according to researchers.

“BMI CalculationVsn” is the latest example of malicious software sneaked into an app store under the guise of being a simple tool for consumers. Spotted on the Amazon Appstore by researchers at antivirus company McAfee, the app was actually an infostealer with the ability to record screen activity, steal text messages and survey the list of the other apps on the device.

“McAfee reported the discovered app to Amazon, which took prompt action, and the app is no longer available on Amazon Appstore,” the researchers said. The app store caters to Android device users.

Evidence on malware repository VirusTotal shows that BMI CalculationVsn is still under development, McAfee said. It was first unveiled in October 2024 as a screen recording app, but later became the BMI calculator, and the message-stealing capability was only recently added.

It’s unclear how many users downloaded the app. Not much is known about the developers.

“The malware author tricked users by abusing the names of an enterprise IT management service provider in Indonesia to distribute this malware on Amazon Appstore,” McAfee said. “This fact suggests that the malware author may be someone with knowledge of Indonesia.”

Malicious hackers persistently try to sneak tainted apps into traditional platforms, with examples including clones of the messaging app Telegram; bogus Android tools intended for memory training, astronomy enthusiasts and more; cryptocurrency stealers masquerading as QR code scanners; and banking trojans disguised as PDF readers and other tools.

CybercrimeNewsNews BriefsPrivacyTechnology
Get more insights with the

Recorded Future

Intelligence Cloud.

Learn more.

No previous article

No new articles

Joe Warminsky

is the news editor for Recorded Future News. He has more than 25 years experience as an editor and writer in the Washington, D.C., area. He previously he helped lead CyberScoop for more than five years. Prior to that, he was a digital editor at WAMU 88.5, the NPR affiliate in Washington, and he spent more than a decade editing coverage of Congress for CQ Roll Call.

 

Total
0
Shares
Previous Post

CISA urges senior government officials to lock down mobile devices amid ongoing Salt Typhoon breach

Next Post

Dutch DPA Fines Netflix €4.75 Million for GDPR Violations Over Data Transparency

Related Posts

Ghost Tap: Hackers Exploiting NFCGate to Steal Funds via Mobile Payments

Threat actors are increasingly banking on a new technique that leverages near-field communication (NFC) to cash out victim's funds at scale. The technique, codenamed Ghost Tap by ThreatFabric, enables cybercriminals to cash-out money from stolen credit cards linked to mobile payment services such as Google Pay or Apple Pay and relaying NFC traffic. "Criminals can now misuse Google Pay and Apple
Avatar
Read More