‘BadNews’ Android Malware Affects Over 9 Million Downloads On Google Play

rated by 0 users
This post has 11 Replies | 0 Followers

Top 10 Contributor
Posts 24,859
Points 1,115,625
Joined: Sep 2007
ForumsAdministrator
News Posted: Sat, Apr 20 2013 2:09 PM

There's been much talk about security on Android in recent months, and it seems likely that it's a subject we won't be dropping anytime soon. Recently, we discovered that Android is susceptible to simple email attachment attacks, and not long before that, Google detailed how it was keeping its Google Play store more secure with its App Scanning utility bundled with Android 4.2. It might be fair to say that Google puts more of an emphasis on security than most companies - recently, we learned about some creative technology that helps to protect users of its Chrome Web browser.

Yet, here we are, talking about yet another new attack that the company likely didn't consider before.

The latest incidents have been tracked by mobile security firm Lookout, which saw malware called "BadNews" bundled with 32 apps. Unfortunately, these apps were available right inside of Google's Play Store, allowing any Android user quick access to them. So why didn't Google's advanced security scanners catch anything? This is where it gets interesting.

Because Google's scanners are good, and thorough, BadNews' developers created an ad network that seemed legitimate, and then had that bundled with a variety of apps. Once the apps were approved and accessible through the store, the ad network turned malicious; it began sending install prompts to users and also took it upon itself to send your phone number and device ID to a remote server. In some cases, AlphaSMS was pushed through - malware which sends SMS to premium lines.

How Google will help prevent this sort of attack in the future, we're not sure. As of the time of writing, all of the affected developers have had their accounts suspended, and it's not clear whether or not they knew of what was going on, or if they were innocent. About 50% of the apps were based in Russia, and the majority of affected users seem to reside there also.

This incident does highlight the need for developers to keep on top of the backends their apps use, however, and also to be extremely choosey about the ones they ultimately go with. A new start-up could very well end up tarnishing your apps, and your reputation.

  • | Post Points: 110
Not Ranked
Posts 2
Points 10
Joined: Nov 2012
waffleyz replied on Sat, Apr 20 2013 2:52 PM

Im glad the only 3rd party apps (that arent forced on me from the factory) consist of facebook and kik. Save the gaemin for the compooper :v

  • | Post Points: 5
Not Ranked
Posts 23
Points 200
Joined: Mar 2013

We get bombing from Russians then cyber attacks on android devices from Russia. I think it adds up

  • | Post Points: 5
Not Ranked
Posts 23
Points 200
Joined: Mar 2013

We get bombing from Russians then cyber attacks on android devices from Russia. I think it adds up

  • | Post Points: 5
Top 150 Contributor
Posts 619
Points 5,260
Joined: Dec 2011

Dont download sshit apps. Problem solved

  • | Post Points: 35
Not Ranked
Posts 4
Points 15
Joined: Apr 2013
NIcFranz replied on Sat, Apr 20 2013 8:00 PM

russians are the new arabs.

  • | Post Points: 5
Top 150 Contributor
Posts 577
Points 5,250
Joined: Sep 2012
Location: Canada
ForumsAdministrator
Moderator
RWilliams replied on Sat, Apr 20 2013 8:34 PM

Haha, I tend to agree.

  • | Post Points: 5
Top 150 Contributor
Posts 536
Points 4,485
Joined: Apr 2012
Location: Schertz, Texas
ajm531 replied on Sat, Apr 20 2013 9:03 PM

hmmmm "been tracked by a mobile security firm".... really it has no name and its a mobile security firm. right so scare people into buying more useless antivirus. got it.

  • | Post Points: 20
Not Ranked
Posts 23
Points 200
Joined: Mar 2013

I wouldnt say that...I'm scared of Russians.but I'd piss on Arabs

  • | Post Points: 5
Top 500 Contributor
Posts 161
Points 1,390
Joined: Jan 2010
Location: Texas City
detnight replied on Sat, Apr 20 2013 10:42 PM

That is the best idea yet. I am picky about what goes on my PC and my Nexus7. I delete 95% of the mail I get even from my wife. I do not open forwarded mail from any one.

Asus M4A79T deluxe,AMD Athlon II X4 620,PNY GTX285 1gb,Patriot Viper DDR3 1333 8gb,Creative Sound Blaster X-Fi Titanium Fatal1ty Pro,Diamond ATI TV Wonder HD 650 Comb,Plextor DVD-CD burner,Patriot PS-100 SSD 32gb ,WD 500gb 32mg,Antec Twelve Hundred Full Tower,Antec True Power Quattro 1000watts,Toshiba 40in 1080p for a monitor

  • | Post Points: 5
Top 150 Contributor
Posts 577
Points 5,250
Joined: Sep 2012
Location: Canada
ForumsAdministrator
Moderator
RWilliams replied on Sun, Apr 21 2013 12:21 PM

The firm's name is in that same sentence, "Lookout". The URL under the post brings you to its site.

  • | Post Points: 20
Top 150 Contributor
Posts 730
Points 5,865
Joined: Apr 2013
Location: Lewisville, TX
Clixxer replied on Mon, Apr 22 2013 12:38 AM

Man its just like your computer. Antivirus can help but you have to check what you are downloading. I haven't had a virus in forever by that simple rule. I run the free version of AVG and just keep tabs on what I am downloading and nothing ever happens. Even if I get prompted to download something for android I always check it out and don't let anything auto update unless I trust it like big companies such as facebook or something.

My rig - I7-4770K, ASUS Z87-A Mobo, 16 GB Corsair Ram, AMD 7990 GPU, CoolIT AiO Cooler, NZXT H630

  • | Post Points: 5
Page 1 of 1 (12 items) | RSS