Malware identified across 32 Android apps, possibly affecting over 9 million users
BadNews disguises itself as an advertising network. The program has the ability to send fake news messages and gathers personal information like phone number, device ID. Moreover, the app has the ability to send notifications prompting users to download more applications.
Users infected by BadNews would also be pushed premium SMS messages. What is interesting is how the malware made it to the scene. Since it is not native to the app, it does not go through the same integrity check as the app itself.
The 32 apps are listed below and have been removed from the Google Play store. The developer accounts associated with them have been suspended while Google looks into things. It is possible that some (or all) of the developers were not aware of the third-party nature of this problem. BadNews is designed to look like a regular advertising SDK, so it is entirely possible that some of these apps were developed with no ill-will in mind.
The good news in all this is that out of the worldwide Android user base, only between 2 and 9 million appear to be at risk, so the odds are in your favor that this will not be an issue for you. A little over half of the apps are Russian, the rest are English, and they cover a wide variety of genres from games to wallpapers to dictionaries. If any of these apps are on your device, you will want to make sure your operating system is prevented from accepting installs from “unknown sources” and you might want to consider employing some type of mobile security.