The alarming fact is that the app entered and continued to run on Google's Play Store even after Google initiated pre-moderating apps to ensure that offending apps were blocked before they could spread their evil ideas.
A rogue app walks over Android's Certifi-Gate again!
“While we don’t comment on specific apps, we can confirm that we remove apps from Google Play that violate our policies. Our policies are designed to provide a great experience for users and developers. That’s why we remove apps from Google Play that violate those policies,” said Google to the Guardian.
The fact that the app was live only for two days means that it probably didn't cause as much harm as it could have if allowed a longer run. On the flip side, the app's closure will allow the Taliban to create more apps in an attempt to reach out to the mainstream. The Taliban is known to create new profiles and pages on Facebook and Twitter once their existing accounts are deleted or blocked.
This isn't the first time that Google has been guilty of allowing malicious apps to run on its Play Store before they were flagged by experts. Back in January, Google kicked out 13 malicious apps from its Play Store after Chris Dehghanpoor, a security researcher, revealed that these apps copied device files into phone partitions that couldn't be corrected even after factory resets.
Google kicks out 13 malicious apps from Play Store
The researcher found that these apps boasted huge download numbers on Google's Play Store and even put in positive comments about these apps without user permission. The thirteen apps he found were Cake Blast, Jump Planet, Honey Comb, Crazy Block, Crazy Jelly, Tiny Puzzle, Ninja Hook, Piggy Jump, Just Fire, Eat Bubble, Hit Planet, Cake Tower, and Drag Box. He found that these apps obtained unauthorized access to a device's root and then copied device files into partitions. The developers behind these apps came from the Brain Test malware family.
In August last year, a rogue app named 'EASY screen recorder NO ROOT' allowed hackers to gain access to Android phones and tablets. Security firm Check Point identified this app as a source of major trouble, claiming that hackers could gain “illegitimate privileged access rights” to individual Android devices through the app. This vulnerability was present in all devices running both Android 5.0 Lollipop and Android 4.4 KitKat operating systems.