More Malware Found on Google Play
Posted by: Timothy Weaver on 05/03/2017 12:03 PM
[
Comments
]
SophosLabs researcher Rowland Yu is reporting that a music player app uploaded to Google Play is in reality loaded with malware.
The app is called Super Free Music Player and it has been downloaded an estimated 10,000 times. It managed to bypass Google's security measures in the same manner as Brain Test malware. Super Free Music Player uses the same technique as Brain Test to gain root access on a device installing persistent malware.
When it is installed, it “starts a service called com.hole.content.Erpbiobuft to decrypt and drop the payload,” Sophos noted. It runs every hour. It first scans the device to see if it is running in a sandbox, then sets a timer to drop a second malware bomb in eight hours.
Sophos has alerted Google, but the only defense at this time is to simply not download it.
Source: SCMagazine
The app is called Super Free Music Player and it has been downloaded an estimated 10,000 times. It managed to bypass Google's security measures in the same manner as Brain Test malware. Super Free Music Player uses the same technique as Brain Test to gain root access on a device installing persistent malware.When it is installed, it “starts a service called com.hole.content.Erpbiobuft to decrypt and drop the payload,” Sophos noted. It runs every hour. It first scans the device to see if it is running in a sandbox, then sets a timer to drop a second malware bomb in eight hours.
Sophos has alerted Google, but the only defense at this time is to simply not download it.
Source: SCMagazine
Comments
