Google Play is currently witnessing some ‘BadNews’, even as approximately 32 Android apps through four varying developer accounts have been detected with a family of malware. Adding to the unfavorable tidings is the fact that these when combined, have been downloaded from 2 to 9 million times.
What seems to be a safe advertising network to unsuspecting users at first, in reality is a virus pushing forth deceptive schemes. Undesirably enough, the malware has evolved enough to dodge app-vetting processes, seeing as it assumes its malicious behavior over a period of time. The reason behind its wide outreach is the failure of malware detection by such processes, before the virus engages in malevolent activity.
Roughly half of the infected apps are in Russian and controllers of these utilities are employing them as a platform to tout unfamiliar services which themselves comprise of the malware in question. The ruse came to an end when it was identified promoting the notorious AlphaSMS which had become well known for charging users by sending messages to premium numbers.
It wouldn’t please people to know the final impact is delivering sensitive piece of information like a phone or serial number to the Control and Command server. This renders the power of showcasing fake news to users, to those controlling the C&C.
Seen above is a picture of the 32 apps to have been caught housing the malware. The utilities to have flown under the radar pose as innocent applications including certain Russian wallpapers and game apps. Amidst this appalling news, Lookout users will find themselves heaving a sigh of relief. We say this because the official blog of this mobile security app has stated that people utilizing their services have been protected against the penetration of this malware.
The blog post has furthermore narrated that Google had been warned of the existence of BadNews in multiple Android tools, following which the search leader immediately pulled down the affected utilities. As of now, three C&C servers have been detected; the first is located in Russia, second in Ukraine and third in Germany. Even though all these are still in action, the company proffering mobile security has assured us that it is toiling to bring such on-goings to an end.