Here?s a Bad news for Android Users!

Posted by Hayat Sindi on February 5th, 2018

Android users are now in trouble because of many malware found in the Android play store or Google play store. Android Mobile Malware is exploding at exceptional rates as security experts from different companies like Lookout Mobile Security, Codified security, Trend Micro etc discover a family of malware called ‘Bad News’ disguised as advertisements.

These security companies found 32 applications across four different developer accounts in the Google play store. Combined, the infected applications have been downloaded between 2 million to 9 million times. Google has removed all the applications and suspended accounts of the specific developers as per the security companies. As many as half of the applications potentially laced with malware were found to be in Russian and AlphaSMS.

An SMS fraud malware (AlphaSMS) that was also being pushed by Bad News is found to be involved in committing premium rate SMS fraud in the Russian Federation and neighboring countries like Ukraine, Belarus, Armenia, and Kazakhstan. The malware is effectively able to infect Android devices running versions 4.3 through 5.1.1. This is a Bad News for everyone who has developed an Android application: Many are riddled with backdoors.

The report points out two different issues with very different consequences: Either leaked customer data or a way to gain access to the device. The worst news is what’s responsible for the backdoors: leftover code that wasn’t deleted before publishing.

Types of applications which were removed from Play store by Google:

• About 250,000 of the 700,000 applications are copycats. Google remove all copycat applications from play store.
• Applications which content illegal terms, which advertise pornography and violence.
• Applications that infect your device and make device slow.

Malware’s way of Indication:

The way in which these ‘Bad News’ malware applications work is by pretending to be an ad network and later spreading malware to the device running Android OS after the infected application is installed. The actions of these infected applications range from sending fake news messages, sending the device’s phone number and device ID to a command and control server to prompting users to install other malicious applications. Also, this latest bug can be fixed by restarting your device.

Protect your Android applications (for Android application developer)

• Go through your code with a fine-toothed comb before publishing it, and don’t take QA with a grain of salt- that’s a perfect time for catching superfluous code snippets.
• Take the time to protect your source code as well. There are methods available for scanning code and detect unused bits, pointing out potentially exploitable areas, and even to obfuscate code to make it harder to reverse engineer.

RELATED POSTS

• Apple Introducing the iOS 11.3 with More Advanced Features

• Essential tips to make an Android Application for Healthcare