Google kicks out 13 malicious apps from Play Store
One of the 13 apps, which was known as Honeycomb, had as many as one million downloads before it was removed, according to researchers from Lookout, the mobile security provider that spotted the malicious entries. We found 13 Brain Test samples in total, written by the same developers. The malware can resist the factory reset process. He further added that the apps not only show high download numbers but also show positive app reviews on the Google Play Store, made without the user's permission, so as to increase their number of downloads.
These applications try to gain root privileges and, when they get them, copy numerous files to the system partition, which remains untouched even after a factory reset of the device.
According to Lookout, after the initial persistence routine is completed, several background services continue to check in with the command-and-control servers. That’s because the apps are often able to root the infected device and install themselves as system applications.
Lookout said that Brain Test’s end goal has always been money.
“In order to facilitate the installs, they rely on compromising a large number of devices and then pushing the installs to those devices”.
The applications that have been withdrawn are Jump Planet, Piggy Jump, Eat Bubble, Cake Tower, Hit Planet, Honey Comb, Tiny Puzzle, Cake Blast, Crazy Jelly, Just Fire, Ninja Hook, Crazy Block, and Drag Box.
Whilst a simple factory reset on an infected Android device will not remove the malware, Lookout said the best option for most users would be to re-flash a read-only memory (ROM) supplied by the device’s manufacturer. The malicious applications behave similarly to the phone-rooting malicious adware discovered by Lookout in November.
It appears as though the developers had spent the previous two to three months testing what titles and techniques they could use to get applications on Google Play without detection, before activating the sleeping software. In the past, Google removed apps that were replicas of original apps or were very similar to some highly downloaded apps.