Malicious BMI Calculator Spyware Discovered on Amazon Appstore

McAfee Labs has uncovered a sophisticated malware disguised as a simple BMI calculator on the Amazon Appstore, revealing a dangerous app that can steal sensitive user information under the guise of a health tool.

The application, named "BMI CalculationVsn," appears harmless at first glance, offering users a straightforward interface to calculate their Body Mass Index. However, beneath its innocent exterior lies a complex set of malicious capabilities designed to compromise user privacy and device security.

Upon deeper investigation, researchers discovered the app performs several critical malicious activities. When users click the "Calculate" button, the Android system prompts for screen recording permissions. If granted, the app initiates a background service capable of capturing on-screen activities, potentially exposing gesture passwords and confidential data from other applications.

Beyond screen recording, the malware conducts comprehensive device surveillance. It systematically scans the device to retrieve a complete list of installed applications, which could be used for profiling users or planning more targeted attacks. Even more concerning is the app's ability to intercept and collect all incoming SMS messages, potentially capturing one-time passwords, verification codes, and other sensitive communications.

Interestingly, McAfee's analysis reveals that the app is still in its developmental stages. Historical samples trace its evolution from a basic screen recording tool to a more sophisticated malware, with SMS message stealing capabilities added in recent versions. The Firebase installation API's character "testmlwr" further suggests the app is in an active testing phase.

The developer is listed as "PT. Visionet Data Internasional," a name associated with a legitimate Indonesian enterprise IT management service provider. This strategic deception likely aims to build user trust and avoid immediate detection.

While Amazon has removed the app following McAfee's report, users who may have installed it are advised to take immediate action. Recommended steps include performing a full device scan, removing the application, and carefully reviewing app permissions for other installed software.

This incident underscores the evolving sophistication of mobile malware and the critical importance of vigilance when downloading applications. Users should:

As mobile threats continue to become more deceptive, collaboration between cybersecurity researchers, app platforms, and users remains essential in creating a safer digital ecosystem.

Found this article interesting? Keep visit thesecmaster.com, and our social media page on Facebook, LinkedIn, Twitter, Telegram, Tumblr, Medium, and Instagram and subscribe to receive tips like this. 

You may also like these articles: Here are the 5 most contextually relevant blog posts: