[Update: Gone] Sony's Backup & Restore System App Compromised Via The Play Store

Android Police

By Michael Crider

Published Nov 24, 2014

Update: The app has been removed from the Play Store. Good job, Google/Sony/users who flagged the app.

Oh dear. The folks at XperiaBlog got a nasty shock when checking the My Apps section of the Play Store on an Xperia Z3: the Backup & Restore app (a default application pre-installed on the phone) seems to have been compromised. A Play Store page has been added for the app, and now shows "Nirav Patel Kanudo" as the publisher. "Managed By : HeArT HaCkEr Group" has been added to the description, along with the mobile banner below.

Backup & Restore is a basic tool that backs up apps, media, SMS, and the like to a MicroSD card (a pretty standard feature on Sony phones). It's installed as a system app on some Sony hardware, including the Z3 - David Ruddock mentioned it briefly in our review. But the app wasn't published on the Play Store before Saturday; we keep a close eye on Sony's publisher account, and would have noticed. It looks like this Nirav Patel published either the same app or a modified or separate app on the Play Store and gave it the same signature name as the one installed on the Z3 (com.sonymobile.synchub). That apparently causes phones with the app already installed to assume it's the same thing.

The fake app's permissions, via XperiaBlog.

Based on that assumption, I hesitate to call this a "hack" - it's basically a quick shuffle that exploits the way the Play Store checks for updates to apps currently installed on your phone. It's possible, though unlikely, that an app with malicious code could slip through Google's automated detection system and make its way to devices. The app posted to to the Play Store has a long list of dangerous permissions, including access to the network and reading call logs, contacts, text massages, and the phone's non-system storage. Some users are reporting that trying to install it on an Xperia Z3 results in a package error.

Sony has already responded to users about the fake app on its official forum, though the answer was somewhat noncommital. I doubt this listing from "Nirav Patel" will be on the Play Store tomorrow.

The current Play Store listing is here. Again, we recommend against installing or updating this app on any phone.

Source: XperiaBlog, SonyMobile forum