This week it was announced that a new spyware app has hit Google Play Store dubbed Radio Balouch. You might have heard the name Radio Balouch before, because this is actually the second time this spyware has made it onto Google Play Store.
The other name for this spyware is RB Music and it uses the espionage tool AhMyth as the base, which is an open-source tool. We have all of the latest details about this spyware hitting Google Play Store so read on to learn all about this spyware.
Radio Balouch Spyware App Found on Google Play Store
The researchers over at ESET were the first to discover that Radio Balouch has ended up on the Google Play Store once again. Trend Micro had put out a warning about a week ago that apps with this spyware had already been downloaded over 8 million times on Google Play Store. The app that contains the spyware is called Radio Balouch, but it’s also known as RB Music.
What’s really odd about this spyware is that it runs from an espionage tool which is known as AhMyth and it’s open-source. You won’t see the intentions of this spyware since it’s very well hidden. When you download this spyware-containing app, you will actually find it’s a streaming radio app.
This app work as it’s supposed to which means that if you like Balouchi music, you will actually enjoy this radio app. While you might like the music in this app, it’s actually spyware and it will steal all of your personal information.
Radio Balouch Tricks Users Since It Appears as a Normal Radio App
There is a lot of trickery with the Radio Balouch app because it does work as a normal radio streaming app. There’s no indication that this app is stealing any personal information and that’s likely because it uses the espionage tools found in AhMyth. This malicious espionage tool was first noticed back in 2017, which is when it was publicly released.
There have been a few apps that have used AhMyth in the past, but Radio Balouch itself becomes the first to make it past the layers of security Google uses before apps get onto Google Play Store. Radio Balouch takes the cake as the first of these apps to get onto Google Play Store before being recognized, which shows just how much the spyware is improving.
These abilities to spy could be put onto other apps as well since there is a lot of trickery involved. The app looks and works just like a normal app, so no one is any wiser about the true intentions of the spyware-containing app. There are many different types of data that this spyware can get ahold of too, including stealing your contacts, harvesting your files, and even sending SMS messages through the phone that’s infected.
How Radio Balouch Ended Up on Google Play Store Twice
It’s concerning that this spyware ended up on Google Play Store Twice, with ESET discovering it previously and alerting Google. The app was removed from Google Play Store but then again, the hackers were able to get Radio Balouch onto Google Play Store. During the second time the app was on Google Play, it had only netted around 100 installs, so it’s a lot less than the first time around. ESET discovered it was on there again, alerted Google, and it was yet again removed from the Play Store.
ESET is more concerned that the same developer was able to get this app on Google Play Store twice. Google should have not allowed this developer to put another app on Google Play Store, the same app to be exact, after it was found to contain spyware the first time. For ESET, this is the most alarming aspect, because Google apparently isn’t doing what it should to protect users.
If you have an Android device, you should definitely stay away from RB Music. You should avoid apps that say Radio Balouch, since this is a repeat-offender and repeat developer. We wouldn’t be surprised to see it pop up a third time on Google Play Store.