Android Malware Found Disguised as Health App

Researchers have discovered a malicious Android spyware app called “BMI CalculationVsn” on a well-known app store. The app pretended to be a health tool for calculating body mass index (BMI) but secretly stole user data in the background.

The spyware came to light after researchers reported it, prompting its removal from the app store. However, users who installed the app must manually delete it and perform a full scan to remove potential traces.

The app was published under the name “PT Visionet Data Internasional.” Upon opening, it provided basic BMI calculation features. However, the app also performed hidden actions that compromised user privacy.

For instance, when users clicked the “Calculate” button, the app requested permission for screen recording. This deceptive behavior could trick users into granting access unknowingly. Researchers found that the app stored the recordings locally in MP4 files but did not upload them, suggesting the spyware was still in a testing phase.

Additionally, the app scanned devices for installed applications, enabling attackers to gather intelligence for future actions. It also intercepted and collected sensitive SMS data, such as one-time passwords (OTPs) and verification codes, potentially exposing users to financial fraud.

The app first appeared on October 8 and evolved rapidly. By the end of the month, its icon, malicious functions, and certificate information had all been modified.


Preventive Measures

To protect against such threats, users should only install apps from trusted developers and scrutinize app permissions carefully. Revoking unnecessary permissions can limit risks even after installation. Keeping Google Play Protect active provides another layer of defense, as it can detect and block known malware. Regularly updating device security settings and scanning for threats are essential practices for Android users.
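As an added illustration of scrutinizing permissions (this is not code from the researchers or the article), the sketch below checks an app's declared permissions against the capabilities the spyware is described as using: SMS interception, installed-app enumeration, and screen recording. The permission mapping, the `com.example.bmicalc` package name, and the sample dump are assumptions constructed for the example.

```python
import re

# Constructed sample in the format printed by `aapt dump permissions <apk>`.
# The package name is a placeholder, not the real app's identifier.
SAMPLE = """\
package: com.example.bmicalc
uses-permission: name='android.permission.INTERNET'
uses-permission: name='android.permission.RECEIVE_SMS'
uses-permission: name='android.permission.READ_SMS'
uses-permission: name='android.permission.QUERY_ALL_PACKAGES'
uses-permission: name='android.permission.FOREGROUND_SERVICE'
uses-permission: name='android.permission.FOREGROUND_SERVICE_MEDIA_PROJECTION'
"""

# Assumed mapping from the behaviours described in the article to manifest
# permissions. Screen-capture consent itself is a runtime dialog; the
# foreground-service permission (Android 14+) is only a manifest-level hint.
CAPABILITIES = {
    "sms_interception": {"android.permission.READ_SMS",
                         "android.permission.RECEIVE_SMS"},
    "app_inventory": {"android.permission.QUERY_ALL_PACKAGES"},
    "screen_capture": {"android.permission.FOREGROUND_SERVICE_MEDIA_PROJECTION"},
}

PERM_RE = re.compile(r"^uses-permission(?:-sdk-\d+)?:\s*(?:name=')?([\w.]+)", re.M)
PKG_RE = re.compile(r"^package:\s*(\S+)", re.M)


def parse_permissions(dump):
    """Return (package, set of permission names) from an aapt-style dump."""
    pkg = PKG_RE.search(dump)
    return (pkg.group(1) if pkg else None), set(PERM_RE.findall(dump))


def audit(dump, expected=()):
    """Map each capability the app's stated purpose does not explain
    to the permissions that grant it."""
    _, perms = parse_permissions(dump)
    return {cap: sorted(perms & wanted)
            for cap, wanted in CAPABILITIES.items()
            if cap not in expected and perms & wanted}


if __name__ == "__main__":
    package, _ = parse_permissions(SAMPLE)
    # A calculator needs none of these capabilities, so expected is empty.
    for capability, perms in audit(SAMPLE).items():
        print(f"{package}: unexplained {capability}: {', '.join(perms)}")
```

Pass `expected` for apps whose purpose legitimately needs a capability, for example `expected=("sms_interception",)` for a messaging client, so that only unexplained capabilities are reported.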