"BadNews" Malware Ravages 9 Million Android Devices | TechTree.com

"BadNews" Malware Ravages 9 Million Android Devices

32 apps on Google Play Store identified to be carriers of this Russian bug.

 

Bad news for Android devices, as a Russian malware known as "BadNews" has unleashed havoc via legal apps on the Google Play Store. The bug is known to have sent premium rate text messages to the infected handsets. The security firm Lookout, which discovered the threat, has said that the program lay dormant inside the handset for weeks to thwart detection and suddenly sprang into action. Most of the affected Android phone users so far have been from Russia, Ukraine, Belarus, and other eastern European countries. An estimated 9 million devices could have been affected, going by the number of downloads of affected apps.

The 32 apps on Google Play Store that were found to be passive carriers of this malware include recipe generators, wallpaper apps, games, and pornographic programmes. These apps were from just four developer accounts and Google has already suspended these accounts and removed the affected apps. According to Lookout, BadNews posed as an "innocent, if somewhat aggressive, advertising network", sending news and info about other infected apps to users, prompting them to install them. In this way, it avoided detection since this activity wasn't deemed suspicious by security software.

BadNews remained passive on the handsets until it received remote commands from its creator's servers to start installing another malware called AlphaSMS, which sends out text messages to premium rate numbers, that charged the handset owner an enormous sum until detected. The trick to getting users to install AlphaSMS was to fake it as an essential update to Skype or Vkontakte (a Russian social networking app). In fact, app developers had no clue that BadNews was a malware and they willingly included it in their apps, thinking of it as a way to monetise their programs. Well over half of the 32 affected apps were developed in Russia and the premium rate numbers are also based in Russia, Ukraine, Belarus, Armenia, and Kazakhstan.

It is known that Google Play Store apps do not undergo the stringent security checks that Apple is known to have made mandatory for apps on its App Store. We think it is time for Google to take similar measures to prevent incidents such as these in the future. Users can also follow simple measures such as unchecking the "Unknown sources" option in their phone's security settings. The site also takes the opportunity to promote its own app, which the users can install to protect against such malware for free.


"BadNews" Malware Ravages 9 Million Android Devices

List of affected apps


TAGS: Apps, Security, Google, Android

 
IMP IMP IMP
##