Google Purged Almost 1,000 Abusive ‘Creeperware’ Apps. Now Some Are Coming Back.
Catch a Cheating Spouse now has more than 10,000 downloads
In June 2019, a group of cybersecurity researchers notified Google of more than 1,000 potentially malicious apps on the company’s Play Store that can be used to surveil, monitor, and harass users. Their findings, which have not previously been reported, eventually led to one of the largest ever mass removals of Android apps.
Less than a year later, there are signs that the “creeperware,” as the researchers called it, is returning. The label comprises a broad category of abusable apps, including tools for spying, spoofing phone numbers, and secretly recording video and audio. Some of those programs banned by Google have now rebranded or added disclaimers and returned to the Play Store. Meanwhile, new programs with overtly abusive purposes have slipped through the company’s automated monitoring systems.
The initial 1,095 apps flagged by researchers came in a variety of forms. Catch Cheating Spouse and its ilk offered stalkerware packages: Once such a package was installed on a victim’s phone, the user could track the device’s location, read messages, listen to calls, remotely record through the microphone, or log passwords.
Many of the programs had innocuous names but hostile purposes. Spoof Text Message, for example, advertised itself with a video using the tagline “Don’t like your buddy’s girlfriend? Well, break them up!” Others, like GirlFriend Cell Tracker, were more explicit in their motivation.
“When we reported these apps to Google initially, it felt like they didn’t really know what to do with them,” said Kevin Roundy, the technical director of NortonLifeLock’s research group, and one of the lead members of the team that uncovered the malicious apps last June.
At first, Roundy said, Google determined that many of the apps didn’t violate the Play Store guidelines, and declined…