These Samsung Galaxy Store apps could infect your new devices with malware

Honor 50
(Image credit: Future)

Potentially malicious smartphone tools are being distributed through Samsung’s mobile app store, researchers have warned.

At least five apps, clones of the deceased Showbox app, have popped up in the Galaxy Store, Max Weinbach of Android Police reported via Twitter.

The apps themselves don’t directly contain malicious code, but they could be used as a stepping stone. In fact, their design implies that they do serve the purpose of a gateway towards more serious mobile malware.

Galaxy store risk

Speaking to Android Police, security researcher linuxct explained that two of the apps can do dynamic code execution, which means they can download and execute other, potentially malicious code. 

Knowing the fact that “there are very few legitimate use cases for this functionality”, as well as the fact that it could be weaponized “easily”, it’s safe to assume that was the point, in the first place. 

"So at any moment it may become a trojan/malware, hence it's unsafe and thus why so many vendors flagged it in VT/Play Protect," linuxct explains.

The good news is that Google’s Play Protect, essentially a mobile antivirus that scans incoming apps for signs of trouble, triggers a warning when the user tries to install any of the apps. The bad news is, given that the apps reside on Samsung’s official store, people could be ignoring the warning. In fact, the apps cumulatively have hundreds of reviews, which could mean that they have plenty of downloads. Unfortunately, Samsung doesn’t count downloads from its app store, so it’s impossible to say at this point.

Some of the reviews do stress that the apps trigger the warning.

Android Police added that all of the apps are clones of Showbox, an old app that was accused of enabling piracy, but has been dead for at least two years, and is unavailable on all main app stories..

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.