‘BadNews’ Android Malware Affects Over 9 Million Downloads On Google Play

There's been much talk about security on Android in recent months, and it seems likely that it's a subject we won't be dropping anytime soon. Recently, we discovered that Android is susceptible to simple email attachment attacks, and not long before that, Google detailed how it was keeping its Google Play store more secure with its App Scanning utility bundled with Android 4.2. It might be fair to say that Google puts more of an emphasis on security than most companies - recently, we learned about some creative technology that helps to protect users of its Chrome Web browser.

Yet, here we are, talking about yet another new attack that the company likely didn't consider before.

The latest incidents have been tracked by mobile security firm Lookout, which saw malware called "BadNews" bundled with 32 apps. Unfortunately, these apps were available right inside of Google's Play Store, allowing any Android user quick access to them. So why didn't Google's advanced security scanners catch anything? This is where it gets interesting.

Because Google's scanners are good, and thorough, BadNews' developers created an ad network that seemed legitimate, and then had that bundled with a variety of apps. Once the apps were approved and accessible through the store, the ad network turned malicious; it began sending install prompts to users and also took it upon itself to send your phone number and device ID to a remote server. In some cases, AlphaSMS was pushed through - malware which sends SMS to premium lines.

How Google will help prevent this sort of attack in the future, we're not sure. As of the time of writing, all of the affected developers have had their accounts suspended, and it's not clear whether or not they knew of what was going on, or if they were innocent. About 50% of the apps were based in Russia, and the majority of affected users seem to reside there also.

This incident does highlight the need for developers to keep on top of the backends their apps use, however, and also to be extremely choosey about the ones they ultimately go with. A new start-up could very well end up tarnishing your apps, and your reputation.

Via:  Lookout
WAFFLEYZ one year ago

Im glad the only 3rd party apps (that arent forced on me from the factory) consist of facebook and kik. Save the gaemin for the compooper :v

WarrenEarls one year ago

We get bombing from Russians then cyber attacks on android devices from Russia. I think it adds up

WarrenEarls one year ago

We get bombing from Russians then cyber attacks on android devices from Russia. I think it adds up

MayhemMatthew one year ago

Dont download sshit apps. Problem solved

RWilliams one year ago

Haha, I tend to agree.

detnight one year ago

That is the best idea yet. I am picky about what goes on my PC and my Nexus7. I delete 95% of the mail I get even from my wife. I do not open forwarded mail from any one.

NIcFranz one year ago

russians are the new arabs.

ajm531 one year ago

hmmmm "been tracked by a mobile security firm".... really it has no name and its a mobile security firm. right so scare people into buying more useless antivirus. got it.

RWilliams one year ago

The firm's name is in that same sentence, "Lookout". The URL under the post brings you to its site.

Clixxer one year ago

Man its just like your computer. Antivirus can help but you have to check what you are downloading. I haven't had a virus in forever by that simple rule. I run the free version of AVG and just keep tabs on what I am downloading and nothing ever happens. Even if I get prompted to download something for android I always check it out and don't let anything auto update unless I trust it like big companies such as facebook or something.

WarrenEarls one year ago

I wouldnt say that...I'm scared of Russians.but I'd piss on Arabs

Post a Comment
or Register to comment