Google pulls 'undeletable' app from Play

Google has removed a malicious app from its Play store that disguised itself as a popular program.

The rogue software spoofed BatteryBot Pro, a legitimate app which monitors how much power a smartphone is using.
The fake app was able to send premium-rate text messages and blocked people from deleting it, said security company Zscaler on its blog.

One security expert said people might have to contact their mobile provider if they had downloaded the rogue app.
"Malicious apps in the Google Play store are nothing new," said Rik Ferguson, vice-president of security research at Trend Micro.
"Android is the most widely installed mobile operating system so it's an attractive user base for attackers.
"But undeletable apps like this exploit consumers who store their personal lives on a smartphone. We're reluctant to wipe our handset in case we lose something."

The real BatteryBot Pro costs £2.49 while the fake version was available for free

The real BatteryBot Pro is an app for Android smartphones that shows a user detailed information about their smartphone's battery life.
Like many apps, when installed it asks for permission to access the functions of a smartphone it needs to run.
The fake version of the app requested access to features far beyond the scope of a battery monitor, including the ability to send text messages, install other apps and track a user's location.
It also requested administrator privileges on the smartphone, to prevent people from deleting it, even after Google had pulled it from the Play store.
"I would recommend visiting your mobile provider as a first port of call," said Mr Ferguson.
"This app targets people who are not confident with technology, so I'd recommend seeking help in the High Street stores."
Zscaler said the rogue app was probably designed to commit "click fraud": tricking online adverts into thinking a genuine user was interacting with them, to earn money for the attacker as part of a revenue-sharing agreement.