Security research firm LookOut has discovered a new form of malware hiding within Russian “clone apps.” This new threat goes by the apt name of ‘BadNews’ and is thought to have been downloaded “millions of times” across the 32 detected apps.
But what happens with this specific malware? It will attempt to get the user to download other apps which further infect your phone, such as ‘AlphaSMS’ – an app hijacking your phone to sign up to premium SMS services, running up your carrier bill to the max.
The hijacking doesn’t end there – your phone number and IMEI (which uniquely identifies your handset) is sent back to the creators, most likely being sold on to marketing providers.
So were these apps built with malicious intent? It’s not easy to say. Many cases of malware apps were built with legitimate purposes, but then make bad decisions with certain ad providers. Generally speaking these providers just act as “Adware” serving you as many adverts as possible, a case known by many computer users at some point in their lives!
The real question is how are Google trying to prevent such occurrences on the Play Store? A scanner by the name of ‘Bouncer’ is constantly patrolling looking for any signs of malicious intent; but it’s a struggle, and apps can sneak past the security by posing as something they aren’t – in this case, an “innocent” ad network. In response to the report from LookOut, Google has removed all the infected apps (thought to be downloaded 2 million – 9 million times.)
Another large security firm McAfee reported in 2012 that it had seen a “1.5 million increase in malware since Q1 2012”; quite clearly users need to take precautions to protect themselves from such threats.
Let’s hope with Google Glass, we won’t soon be having such malware served directly to our eyes, or worse, streaming live feeds (with location) from our glasses! It’s a scary thought which Google needs to keep on top of ensuring users feel safe with their products.
Is malware on Android a huge issue if the necessary precautions are taken? Is Google doing enough to prevent occurrences happening?