
These apps managed to sneak their way onto Google Play through the art of deception. These eight apps have been designed to enslave the devices that download them into a botnet army, and have impacted almost 2.6 million devices already. Just this week, cybersecurity researchers discovered Minecraft Android apps in the Google Play store that have been infected with Sockbot malware. It’s become so popular, in fact, that there are even mobile app versions of the game.

And now malicious versions of these apps exist too. That’s why the video game Minecraft, which allows players to build constructions out of textured cubes, has grown in popularity. In general, it might be a good idea to think about whether you really need that slightly sketchy-looking app from a mysterious developer before you load it onto a device that contains most of your personal information.

We all love a good game, especially those that allow us to create and innovate with the touch of our fingertips. Many of the scammers appeared to be taking advantage of lax vetting procedures for newly added apps; one titled “Mobile protection: Clean & Security VPN” rose to the top 10 grossing productivity apps in the Apple store before it was revealed to be charging users some $US99.99 ($127) a week.

In June, CNET noted bogus apps were quickly becoming an industry-wide problem, including on Apple’s App Store and third-party networks.

Symantec wrote that the developer account behind all eight apps, FunBaster, had apparently encrypted parts of the code to thwart “base-level forms of detection.” Google Play has since removed the apps from the store.

As Ars Technica noted, the incident is yet more evidence Google Play is “chronically unable to detect untrustworthy apps before allowing them into its official app bazaar.” In just one other example in August, Google Play expelled at least three faux messaging apps it discovered were “capable of covertly taking photos, recording audio, retrieving call logs, and more.”

In addition to enabling arbitrary network attacks, the large footprint of this infection could also be leveraged to mount a distributed denial of service (DDoS) attack.

This highly flexible proxy topology could easily be extended to take advantage of a number of network-based vulnerabilities, and could potentially span security boundaries. However, Symantec wrote there is no functionality in the apps to actually display advertising, suggesting those servers could have been directing compromised devices to participate in a variety of malicious activities: But they also connected to a command & control server that bombarded the compromised Android devices with requests to connect via the Socket Secure (SOCKS) protocol to ad servers. According to Symantec, the apps in question did actually perform as intended, allowing Minecraft players to waltz around as various characters (like an “assassin”).
