Samsung’s Galaxy Store distributes apps that could infect phones with malware
Potentially Fake Showbox Movie Hacking Apps Trigger Play Protect Warning, Investigation Says They Could Download Malware
It’s hard to run your own app store. Microsoft decided to go with Amazon when Windows 11 supported Android apps rather than running its own, and even Samsung hedged its bets by running its own app store for its Galaxy devices alongside the Play Store. for years. But, based on what we unearthed today, it might do a better job. Several Showbox movie hacking app clones that Samsung distributes to customers on its Galaxy Store may be able to infect customers’ devices with malware.
Android Police’s Max Weinbach first noted the problem last night, spotting a few Showbox-based apps distributed on the Galaxy Store, some of which trigger Google’s Play Protect warning during installation. And as far as we can tell, this warning is not for nothing. An analysis of one of Virustotal’s Showbox apks shows over a dozen low-quality alerts from security vendors ranging from riskware to adware. Some apps also ask for more permissions than expected, including access to contacts, call logs, and phone.
We contacted an Android security analyst linuxct for more information on these vulnerabilities. Further investigation revealed that the app’s ad technology is capable of executing dynamic code. could include malware. Linuxct added that there are very few legitimate use cases for this feature and that it could be easily militarized. “So anytime it can turn into a trojan / malware so it’s dangerous and that’s why so many vendors reported it in VT / Play Protect. Similar issues have been documented in at least two Showbox apps on the Galaxy Store, although it may affect others as well.
Samsung is not correct distribute applications that could potentially expose customers to malware, however. These apps are all clones of another well-known app called Showbox which has been known to allow hacking and provide access to copyrighted content including movies and TV shows.
The descriptions of the apps claim that they do not host pirated content and do not allow hacking. We have not tested each of the offending applications individually, given the nature of the warnings associated with their installation, and cannot directly confirm whether the applications currently allow access to pirated content. However, the name has this reputation, and other “experts” who prefer to remain anonymous assure me that the application at some point allowed the hack. The self-hosted sources for the Showbox app make similar claims, advertising the app as a “movie database” app with a built-in VPN – nod.
The Showbox subreddit notes that Showbox is “down”, has been around for almost two years, and that the allegedly linked third-party websites and applications are “bogus.” Note that Google does not host any of the applications in question on the Play Store.
Samsung’s Galaxy Store doesn’t track the number of installs, but the apps in question cumulatively have hundreds of reviews, including several that note malware warnings at install time. We reached out to Samsung to ask if they were aware that their Galaxy Store might be distributing malware or if they were aware of Showbox’s reputation for hacking, but the company did not immediately respond to our questions. inquiries – which is understandable, given the recent vacation – and we’ll update this story if we get a response. We also contacted the developers of some of the apps in question, but at least one of the contact emails listed bounced.
In the meantime, you could be able want to stick with getting apps from more secure sources like the Play Store, although it has had its own malware issues as well.
Samsung does not forget the phones of yesteryear
About the Author