BadNews malware seen in Google Play apps

Victor Barreiro Jr.

A security firm has found malware that has been downloaded up to 9 million times through the Google Play store.

BADNEWS. Icons of apps with the BadNews malware on Google Play. Screen shot from Lookout

MANILA, Philippines – Security research firm Lookout Mobile Security has put out a report on a malware “family” that’s potentially been downloaded up to 9 million times by unsuspecting Android users through the Google Play store.

The malware, known as BadNews, was found in 32 apps across 4 different developer accounts in Google Play. Lookout adds, “According to Google Play statistics, the combined affected applications have been downloaded between 2,000,000 – 9,000,000 times.”

Lookout told Google about the issue, prompting Google to remove the apps and suspend the developer accounts in question until the situation has been investigated further.

BadNews can send fake news messages and prompt users to install apps. The malware can also send information, such as the phone number and device ID, to its command and control server.

Due to these abilities, the fake news messages can be used to push users to download other monetization malware or affiliated applications. Lookout adds, “During our investigation we caught BadNews pushing AlphaSMS, well known premium rate SMS fraud malware, to infected devices.”

Lookout calls this malware “a significant development in the evolution of mobile malware,” as it gains traction by posing as something legitimate, lying dormant, and relying on a server to push it into action at a later time. Regular app vetting processes do not normally take such behavior into consideration.

Lookout suggests app developers take note of the third-party libraries they use for their apps, as unsafe libraries can put users and their apps at risk. Security managers must also now assume that app-vetting will not be enough, and that ongoing security monitoring is needed to check for malicious behavior in apps down the line. – Rappler.com

