Brain Test Malware Discovered Back on Google Play

The malware's developers compromised 13 apps on the Google Play Store, cyber security firm Lookout discovered last December.

Google was notified about the applications and they were removed “promptly”, according to Lookout, which said that while this type of activity to guarantee downloads was nothing new, it was concerning that so many apps were able to get onto the marketplace.

“Mischievously, the apps are capable of using compromised devices to download and positively review other malicious apps in the Play store by the same authors.” The malware can resist the factory reset process. The apps attempt to get root privileges and, when these are granted, copy several device files to the system partition, leaving them untouched even after a factory reset. This helps increase the download figures in the Play Store.

The apps claim that they were made by developers behind apps like Brain Test. They are part of a malware family dubbed Brain Test. While the apps were caught only making unauthorized downloads of other apps, their design made it possible for them to carry out a host of fraudulent actions that could be updated on the fly by the attacker-controlled command server they connected to.

The Google Play Store itself was recently under threat, as it was reported that 13 “malicious” apps had recently been pulled down by Google.

The list of applications removed from the Google Play store includes Honeycomb, Just Fire, Cake Blast, Crazy Block, Drag Box, Tiny Puzzle, Jump Planet, Ninja Hook, Piggy Jump, Eat Bubble, Hit Planet, Cake Tower, and Crazy Jelly.

In November, Lookout said auto-rooting apps installed through malicious mobile campaigns were a recent and “worrying” development within Google’s Android ecosystem. The apps have a high number of downloads, and also have several positive app reviews. In the past, Google removed apps that were replicas of original apps or were very similar to some highly downloaded apps.

It is always hard to remove persistent malware, but handsets infected with the apps can be re-flashed with a ROM supplied by the device’s manufacturer, according to Lookout.