.webp "Malicious Apps on Amazon Appstore Record Screen and Intercept OTP Verifications")
The recent discovery of a seemingly harmless health app, “BMI CalculationVsn,” on the Amazon App Store has raised significant concerns over user privacy and data security. The app, which masquerades as a simple BMI calculator, was found to be secretly collecting sensitive user data, including installed app package names and incoming SMS messages, posing a serious threat to user privacy.
While the app’s primary function appears to be harmless, it serves as a cover for a range of malicious activities, likely involving data theft, unauthorized access, or other cyberattacks. One of the most alarming features of the app is its ability to initiate screen recording upon user interaction, potentially capturing sensitive information such as passwords.
Although the current implementation of the app does not upload recordings, the underlying threat remains, indicating an ongoing risk to user privacy and security. By scanning the device to compile a list of installed applications, the app can identify potential targets for complex attacks or gather information for future malicious activities.
The app also intercepts incoming SMS messages on the device, potentially capturing sensitive information like one-time passwords (OTPs) and verification codes. The stolen data is then uploaded to a Firebase storage bucket named “testmlwr-d4dd7.appspot.com.” This indicates a sophisticated and organized approach to data theft and exploitation.
The malware, initially designed as a screen recorder, evolved into an SMS-stealing app in October 2024, suggesting ongoing development and testing phases. The presence of the “testmlwr” character in the Firebase Installation API address indicates that the app is still under testing and refinement, further highlighting the potential threat it poses to user privacy.
Cybercriminals leveraged the reputation of a legitimate Indonesian IT service provider to distribute the malware disguised as a legitimate app on the Amazon App Store. This suggests a potential connection between the attackers and Indonesia, highlighting the global nature of cyber threats and the need for enhanced cybersecurity measures.
To protect devices from malicious apps like “BMI CalculationVsn,” users are advised to install trusted antivirus software, carefully review app permission requests, and monitor their devices for unusual behavior. Recognizing the risks posed by seemingly benign apps, such as the one in question, users must remain vigilant and implement robust security measures to mitigate potential cyber threats.
In conclusion, the discovery of the malicious “BMI CalculationVsn” app underscores the importance of user privacy and data security in the digital age. By staying informed and taking proactive steps to protect their devices and personal information, users can reduce the risk of falling victim to cyberattacks and safeguard their digital privacy.