Here?s a Bad news for Android Users!

Posted by Hayat Sindi on February 5th, 2018

Android users are now in trouble because of many malware found in the Android play store or Google play store. Android Mobile Malware is exploding at exceptional rates as security experts from different companies like Lookout Mobile Security, Codified security, Trend Micro etc discover a family of malware called ‘Bad News’ disguised as advertisements.

These security companies found 32 applications across four different developer accounts in the Google play store. Combined, the infected applications have been downloaded between 2 million to 9 million times. Google has removed all the applications and suspended accounts of the specific developers as per the security companies. As many as half of the applications potentially laced with malware were found to be in Russian and AlphaSMS.

An SMS fraud malware (AlphaSMS) that was also being pushed by Bad News is found to be involved in committing premium rate SMS fraud in the Russian Federation and neighboring countries like Ukraine, Belarus, Armenia, and Kazakhstan. The malware is effectively able to infect Android devices running versions 4.3 through 5.1.1. This is a Bad News for everyone who has developed an Android application: Many are riddled with backdoors.

The report points out two different issues with very different consequences: Either leaked customer data or a way to gain access to the device. The worst news is what’s responsible for the backdoors: leftover code that wasn’t deleted before publishing.

Types of applications which were removed from Play store by Google:

  • About 250,000 of the 700,000 applications are copycats. Google remove all copycat applications from play store.
  • Applications which content illegal terms, which advertise pornography and violence.
  • Applications that infect your device and make device slow.

Malware’s way of Indication:

The way in which these ‘Bad News’ malware applications work is by pretending to be an ad network and later spreading malware to the device running Android OS after the infected application is installed. The actions of these infected applications range from sending fake news messages, sending the device’s phone number and device ID to a command and control server to prompting users to install other malicious applications. Also, this latest bug can be fixed by restarting your device.

Protect your Android applications (for Android application developer)

  • Go through your code with a fine-toothed comb before publishing it, and don’t take QA with a grain of salt- that’s a perfect time for catching superfluous code snippets.
  • Take the time to protect your source code as well. There are methods available for scanning code and detect unused bits, pointing out potentially exploitable areas, and even to obfuscate code to make it harder to reverse engineer.

RELATED POSTS

Hayat Sindi

About the Author

Hayat Sindi
Joined: February 5th, 2018
Articles Posted: 7

FREE Android & iOS App - Get Paid to Explore!
The COIN app is a revolutionary new app that pays you to explore the world! Download it today and start earning while you are on the go!
Share Your Internet Connection & Get Paid
HoneyGain is compatible for desktop computers, Android and iOS and pays you when you share your internet connection!
Passive Income - Effortlessly | Honeygain
Honeygain is the first-ever app that allows users to make money online by sharing their internet connection.
Earn Crypto with the COIN App!
Earn crypto on your Android or iOS Smartphone! Signup through this link and receive 1,000 free coins!
Earn Crypto with Stakecube
StakeCube is the predominant crypto ecosystem originally launched in June 2018 as PoS Pool and has since grown to service over 50,000 Users and supporting 55+ different crypto assets with unique features across 10+ apps, like an integrated Exchange, maste
HOTBIT Crypto Exchange
Hotbit is one of the professional digital asset exchange platforms that provide trading services among major digital currencies like Bitcoin, Litecoin and Ethereum for users from all over the world.