A new family of malware going by the name BadNews has managed to slip through Google’s tight security and has showed up in various applications in the Play store. An estimated 32 apps have been identified which harbor the infection, but fret not – Google has already taken care of the mess by removing all malicious entries that have been reported.
The news of this infiltration surfaced through Lookout mobile security, the company behind the discovery of the malware. A post on it official blog states that the culprit was caught during investigation when it attempted to push AlphaSMS, an application well known for sending premium SMSs which cost users a hefty sum, and promoting other infected material online.
The virus appears to be innocent, but is actually an ‘aggressive advertising network.’ This is probably the reason why it managed to slip through Google’s radar. Lookout notes that such behavior of posing as an ad network is a first for a distribution network. It also points out that the combined number of infected apps have been downloaded between 2 to 9 million times.
So what’s at risk? For starters, the tool can send out fake news messages and even recommend malicious apps over time. If these aren’t enough, private and confidential details like the phone number and ID can be forwarded to a command and control server. To prevent contamination, developers are advised to keep a close watch on which third-party libraries they include. The accounts which housed application infected by the malware in question have been suspended by the Mountain View giant.
In recent news, the search giant launched a refreshed version of the Play store which features a redesigned interface. The main goal here is to provide a simple UI that’s intuitive to understand and is clean as well as allows users to find content quickly. Well, the company is putting in a great effort to ensure security and the rate at which it responded to the malware only indicates that it puts safety at high priority.
Apart from the Play store, Android devices can get easily infected with malware if applications are sourced through external websites and not approved by Google. BadNews has probably taken the giant by surprise – Let’s hope there’s no more disappointing information to follow.