Be very careful if you’re updating apps on your Sony Xperia smartphone this week. It looks like as if an app called Sony Backup & Restore was compromised by a group calling itself the “HeArT HaCkEr Group.”
Sony’s Backup & Restore tool is a pretty straightforward app. It can back up device settings and data to a MicroSD card. It’s pre-installed on a lot of Sony phones, including the new Xperia Z3. But the version on Google Play for several hours on Monday said it was managed by “Nirak Patel Kanudo” and its reviews were terrible. The app description also included several typos.
The issue was first spotted on the Xperia support forums early on Monday morning. Apparently, the hacker group (or Nirav Patel) published its app (with a different icon) on the Play Store and gave it the same internal signature name as the official Sony version. That means that phones with the app installed will display an option to grab the compromised software as an “update.” Sony users can’t even uninstall the app because it’s a system app.
Sony posted a short response on its forums:
Sony Mobile takes the security and privacy of customer data very seriously. We are currently investigating these reports. More information will follow as soon as we have fully assessed the situation.
Luckily, users are reporting that the app fails to install. That’s fortunate, because the app’s list of permissions is downright scary (via Xperiablog):
To be clear, nobody should download this app, even if prompted. There’s a good chance it’s malware, and even if it isn’t, it’s not the Sony app you were looking for. It’s a good reminder that even though app stores like Google Play do help keep your device secure, they’re not infallible either.
As of 3:45PM EST, the impostor app has been removed from Google Play.
Screenshots via Google Play and Xperiablog
This post has been updated to reflect the current status of the spoofed app.