Skip to main content

Google Play Books is Rife With Malware, Phishing Scams

I’ve long been concerned that Epub3 ebooks would lead to a rise in hacked mobile devices, but apparently Google has decided that there’s no need to wait for Epub3 to start the malware attacks. Android Police reports that Google Play Books is suffering from an epidemic of trojan ebooks.

While the Kindle Store and other ebookstores have problems with badly formatted ebooks, Google Play Books puts its customers at risk of having their computers and mobile devices hacked (hence the term trojan ebook, as in trojan horse).

5726747429_e956dbd952[1]

Google doesn’t police its ebookstore nearly as well as Amazon, Kobo, or Apple maintain their respective stores, and hackers are making the most of the opportunity. Those hackers are taking advantage of GPB’s close proximity to the app section of Google Play to sell ebooks which contain links to what would appear to be cracked games.

These are games which were pirated and then cracked so that users could play for free. Google is vigilant in removing said pirated games from the app section of Google Play, but it has turned a blind eye to similar activity in the ebook section.

And hackers are turning Google’s indifference to their advantage. Rather than sell an ebook which contains a link to a pirated game, some hackers are linking to malware which will infect your PC or mobile device:

To figure out what’s going on, I tested with a supposed copy of Limbo. The links are all connected to a site called Androider, which hides all the supposed downloads behind a wall of ad redirects (yay, more money) and pages that download suspicious EXE files on your computer and unrelated malware APKs on your phone. There are also some really gross phishing scams in there.

There are dozens if not hundred of these trojan ebooks in Google Play Books, and there’s no sign that Google is doing anything about them.

In comparison, a quick check of Kindle and Nook did not turn up any similar suspicious ebooks. (Apple is such a fussbudget that I don’t see the need to check iBooks.)

While you could write off the malware victims as getting their just desserts, that doesn’t change the fact that Google is also letting pirated games pass through Google Play Books.

That worsens the experience for all users:

Authors and developers rely on the Play Store to make a living, and letting this stuff exist undermines confidence in the ecosystem. Providing a portal for people to get scammed, even if they should know better, is not okay. In addition, these "books" show up in search results when you look for the real app.

He’s right, you know.

image by HikingArtist.com

Similar Articles


Comments


Problems With Google Play Books | Moultrie Creek Gazette March 4, 2015 um 4:39 am

[…] have an Android device and are using Google Play Books to purchase books, you may want to check out this article at Ink, Bits & Pixels. Nate Hoffelder is concerned that a number of these books are loaded with malware that can hack […]


puzzled March 5, 2015 um 3:53 am

I went looking in Google Books for some books by some famous SF authors (which aren’t available anywhere else), and discovered that they are selling the pirated versions that have been floating around for 10 years or so.

The covers are the plain Calibre generic covers…

Nate Hoffelder March 5, 2015 um 6:30 am

Now that’s interesting. Which titles?

I’d like to do a follow up.

puzzled March 5, 2015 um 3:53 pm

Larry Niven – Dry Run, Destinys Road (note: without the apostrophe), How The Heroes Die, and Lucifer’s Hammer (probably, using a paperback cover).

Note the publishers.

I remember Oath of Fealty being there a few weeks ago, but it’s gone now.

Nate Hoffelder March 5, 2015 um 4:14 pm

I’m not seeing the titles you mention, but I am seeing a few others.

puzzled March 6, 2015 um 4:46 pm

https://play.google.com/store/books/details/Larry_Niven_Dry_Run?id=s-GDBgAAQBAJ

https://play.google.com/store/books/details/Larry_Niven_How_the_Heros_Die?id=HMiDBgAAQBAJ

Lucifer’s Hammer is the same version as available freely, based on the copyright page (print run indicator).

Nate Hoffelder March 6, 2015 um 5:26 pm

Thanks.

Those titles aren’t available to me, but I gotta wonder why they’re listed at all.


Daily Links: Google Play Books rife with Malware? | The eBook Evangelist March 6, 2015 um 12:48 pm

[…] Google Play Books is Rife With Malware, Phishing Scams (Ink, Bits & Pixels) […]


Google Adds Pre-Publication App Review Process, Adopts ESRB Rating Standards ⋆ Ink, Bits, & Pixels March 17, 2015 um 12:17 pm

[…] extend to ebooks, just apps, so the ebook section of Google Play Books will still be stuffed chock full of malware-ridden and pirated ebooks, but at least Google is raising their standards for the app […]


Ted WOODALL. September 22, 2015 um 8:40 am

I use play books down loaded onto my Samsung S4 when reading on my IPad 6gbwifi the page freezes after a while. What is the solution


Malware in Google Play Books Store November 4, 2015 um 3:15 pm

[…] Yet Another Reason To Avoid the Google Play Store As Nate Hoffelder reports on Digital Reader: […]


Problems With Google Play Books – Moultrie Creek Gazette March 8, 2016 um 9:47 am

[…] have an Android device and are using Google Play Books to purchase books, you may want to check out this article at Ink, Bits & Pixels. Nate Hoffelder is concerned that a number of these books are loaded with malware that can hack […]


Write a Comment