Users of Samsung Androids have been noticing something very unusual lately. Some have reported discovering a Russian app they didn’t expressly install on their systems, raising immediate malware flags. Just how did it get there in the first place, and does it pose any danger to affected phones?
The answer turns out to be a bit funny, if it weren’t for the concern that this little misunderstanding could potentially become a big security problem. The key is in the package name used by the app, which Google treats as a unique identifier within the Google Play market. Problem is, that’s not a guarantee, especially with an app not distributed through Google, like the email app Samsung ships with its phones.
It appears that this Russian app is another OEM add-on like Samsung’s, and when Google Play tried to look for updates to locally-installed apps on Samsung phones, it retrieved the Russian app by mistake.
The Russian app is now off Google Play, so it shouldn’t cause any further problems, but users who already have it on their phones are still struggling to remove it. Rooted users are having success, but there’s yet to be a solution that’s accessible to everyone.