Sunday, 21 April 2013

Security firm finds 32 apps on Google Play infected with malware

While Google Play has caught up with Apple's App Store in terms of sheer number and quality of apps, the service's open nature still causes trouble now and then. Security firm Lookout is now warning users against 32 apps on Google Play that have been found to be infected by a malware called BadNews. If installed, the malware sends messages to premium rate text numbers.

The malware won't be detected immediately after installing the apps. It has been designed to stay dormant for a few weeks so as to avoid detection. To be specific, the malware has been specifically targeted towards Android users in Eastern-European countries such as Russia, Ukraine and Belarus. The premium rate message-sending malware is quite popular in Eastern Europe and Russia.

Google has removed the apps since Lookout's warnings, but the security firm estimates that the malware has been downloaded between 2 to 9 million times. Some of the infected apps included wallpaper apps, recipe generators, games and porn apps.

Because of its overall open nature, Android is well known for some of the flaws in its security. According to a report back in February, ninety-nine percent of newly discovered mobile malicious programs target the Android platform, while only a very small amount targets Java and Symbian-based smartphones. The report found that 2012 was the second year to show explosive growth in Android malware.

The majority of Android malware can be divided into three main groups according to functionality. Elaborating further, the report adds that “SMS Trojans” empty victims’ mobile accounts by sending SMS texts to premium-rate numbers. Backdoors provide unauthorised access to a smartphone, making it possible to install other malicious programs or steal personal data. Spyware targets the unauthorised collection of private data, such as address books and passwords (or even personal photos in some cases).

In the first half of 2012, Backdoors, SMS Trojans and Spyware combined accounted for 51 percent of all newly discovered Android malware. In the Top 10 chart of Android malware that was blocked by Kaspersky Mobile Security or Kaspersky Tablet Security, SMS Trojans emerged to be the most widespread, with applications showing unwanted ads to users in second place.

Less widespread but by far the most dangerous are mobile banking Trojans that often work in conjunction with their desktop counterparts, as was the case with Carberp-in-the-Mobile.

The Android platform allows software installation from untrusted sources, and one of the best ways to guarantee an infection is to install programs from suspicious websites. However, malware on the official Google Play application distribution platform is another trend that started in 2011 and continued in 2012, despite Google’s best efforts to reduce cybercriminal activity.

One of the most unusual examples of mobile malware in 2012 was the "Find and Call" application that managed to sneak into the Google Play store as well as Apple’s app store.

No comments:

Post a Comment