Amazon AppStore Health App Turns Into Hacking Tool

Recently, specialists from McAfee Labs discovered a malicious app called The BMI CalculationVSN being distributed through the Amazon AppStore. The app was disguised as a simple tool for calculating body mass index (BMI) but was secretly collecting a significant amount of user data.

On the surface the app appeared harmless and offered minimal functionality: users entered their weight and height to obtain their BMI. Behind this facade, however, it engaged in malicious activity. Analysis revealed that the app could capture the device screen, requesting permission to do so when the user tapped the “Calculate” button, potentially exposing sensitive information such as passwords from other applications.

In addition to screen recording, the app was also collecting information about other installed applications, aiding potential attackers in selecting targets for future attacks. Furthermore, the app was intercepting all incoming SMS messages, including one-time passwords and confirmation codes, with the intercepted data being stored in Firebase’s cloud storage.

McAfee’s investigation found that the malware was still in the development stage. Initially disguised as a screen recording app in October 2024, it later morphed into a BMI calculator with added SMS theft capabilities. The use of Firebase with the test “TestmlWr” indicated that development was not yet complete.

The app developer was identified as “Pt. Visionet Data International,” a prominent IT service provider in Indonesia. The attackers utilized the company’s name to deceive users, suggesting a potential connection to Indonesia.

Following McAfee’s report, Amazon promptly removed the malicious app from its store. However, this incident underscores the importance of exercising caution when installing applications. Users are advised to scrutinize permissions requested by apps, avoid suspicious programs, and employ antivirus solutions to safeguard their data.
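The permission scrutiny advised above can be partly automated. The following is an added example, not code from McAfee's report or from the app: it reads a decoded AndroidManifest.xml and flags declarations matching the three behaviours described in this article. The sample manifest, package name and service name are constructed, and the mapping of behaviours to Android permissions is an assumption, since the article does not list the permissions the app requested.

```python
import xml.etree.ElementTree as ET

ANDROID_NS = "{http://schemas.android.com/apk/res/android}"

# Assumed mapping: behaviours named in the article -> Android manifest markers.
RISKY = {
    "sms_interception": {"android.permission.RECEIVE_SMS",
                         "android.permission.READ_SMS"},
    "installed_app_inventory": {"android.permission.QUERY_ALL_PACKAGES"},
    "screen_capture": {"android.permission.FOREGROUND_SERVICE_MEDIA_PROJECTION"},
}

# Constructed sample: decoded manifest of a hypothetical calculator app.
SAMPLE_MANIFEST = """
<manifest xmlns:android="http://schemas.android.com/apk/res/android"
          package="com.example.bmicalc">
  <uses-permission android:name="android.permission.INTERNET"/>
  <uses-permission android:name="android.permission.RECEIVE_SMS"/>
  <uses-permission android:name="android.permission.QUERY_ALL_PACKAGES"/>
  <uses-permission android:name="android.permission.FOREGROUND_SERVICE"/>
  <application>
    <service android:name=".RecorderService"
             android:foregroundServiceType="mediaProjection"/>
  </application>
</manifest>
""".strip()


def triage_manifest(xml_text, expected=frozenset()):
    """Return {behaviour: [evidence]} for capabilities not listed in `expected`."""
    root = ET.fromstring(xml_text)
    perms = set()
    for tag in ("uses-permission", "uses-permission-sdk-23"):
        perms |= {e.get(ANDROID_NS + "name") for e in root.iter(tag)}
    findings = {}
    for behaviour, markers in RISKY.items():
        hits = sorted(perms & markers)
        if hits:
            findings[behaviour] = hits
    # Screen capture may appear only as a foreground service type.
    for svc in root.iter("service"):
        types = (svc.get(ANDROID_NS + "foregroundServiceType") or "").split("|")
        if "mediaProjection" in types:
            findings.setdefault("screen_capture", []).append(
                "service " + str(svc.get(ANDROID_NS + "name")))
    return {b: ev for b, ev in findings.items() if b not in expected}


if __name__ == "__main__":
    for behaviour, evidence in triage_manifest(SAMPLE_MANIFEST).items():
        print(behaviour, "->", ", ".join(evidence))
```

Pass `expected` for capabilities the app's stated purpose justifies (a messaging app and SMS access, for instance); a health calculator justifies none of the three.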

As harmful apps continue to evolve and masquerade as benign utilities, maintaining vigilance is crucial to safeguarding one’s digital life.
