Malware Found in Google Play: May have been Downloaded One Million Times
Posted by: Timothy Weaver on 09/22/2015 09:48 AM
[
Comments
]
Malware disguised as a game made its way into Google Play twice in the last month with an estimated total of 1 million downloads.
The threat is a working game called Brain Test and it was identified by researchers with Check Point.
So far, the app has been pushing advertisements, but it has features that make it difficult to remove as well as tricks to bypass app vetting system Google Bouncer.
Given a few tweaks and the app can take over a device according to Avi Bashan, technology leader at Check Point. The app, he added, does not ask for permissions or do anything glaring that would tip the user off that it is malicious.
Those who downloaded it will have to re-flash their device with an official ROM. Additional apps are also downloaded that prove persistency to keep reinstalling Brain Test after a normal removal.
The app got into Google Play because the author used a tool made by Baidu – called Packer – that obfuscates code and hinders analysis and reverse engineering efforts.
Source: SCMagazine
The threat is a working game called Brain Test and it was identified by researchers with Check Point. So far, the app has been pushing advertisements, but it has features that make it difficult to remove as well as tricks to bypass app vetting system Google Bouncer.
Given a few tweaks and the app can take over a device according to Avi Bashan, technology leader at Check Point. The app, he added, does not ask for permissions or do anything glaring that would tip the user off that it is malicious.
Those who downloaded it will have to re-flash their device with an official ROM. Additional apps are also downloaded that prove persistency to keep reinstalling Brain Test after a normal removal.
The app got into Google Play because the author used a tool made by Baidu – called Packer – that obfuscates code and hinders analysis and reverse engineering efforts.
Source: SCMagazine
Comments
