Malware identified across 32 Android apps, possibly affecting over 9 million users

Malware identified across 32 Android apps, possibly affecting over 9 million users
Mobile security firm Lookout has identified a number of apps which have been compromised by a malware program called BadNews.

BadNews disguises itself as an advertising network. The program has the ability to send fake news messages and gathers personal information like phone number, device ID. Moreover, the app has the ability to send notifications prompting users to download more applications.

Users infected by BadNews would also be pushed premium SMS messages. What is interesting is how the malware made it to the scene. Since it is not native to the app, it does not go through the same integrity check as the app itself.

The 32 apps are listed below and have been removed from the Google Play store. The developer accounts associated with them have been suspended while Google looks into things. It is possible that some (or all) of the developers were not aware of the third-party nature of this problem. BadNews is designed to look like a regular advertising SDK, so it is entirely possible that some of these apps were developed with no ill-will in mind.

The good news in all this is that out of the worldwide Android user base, only between 2 and 9 million appear to be at risk, so the odds are in your favor that this will not be an issue for you. A little over half of the apps are Russian, the rest are English, and they cover a wide variety of genres from games to wallpapers to dictionaries. If any of these apps are on your device, you will want to make sure your operating system is prevented from accepting installs from “unknown sources” and you might want to consider employing some type of mobile security.

source: Lookout


FEATURED VIDEO

53 Comments

1. syedzain

Posts: 175; Member since: Oct 08, 2012

So for the open source lol

2. sorcio46

Posts: 435; Member since: Jul 27, 2011

Which part of Open Source has to deal with this?

13. gallison1983

Posts: 47; Member since: Dec 19, 2012

Nothing. There is nothing about open source that makes is more or less attractive for attack. It's the open market and third party market for apps that brings on the malware, my friend. Kudos to Google for removing malware. I would like to see them step it up. As the main curator for Android apps, Google owes it to their user base to protect those who don't know what they are doing.

50. sats.mine2k4

Posts: 208; Member since: Aug 10, 2012

So you never used a PC did you?

52. akki20892

Posts: 3902; Member since: Feb 04, 2013

Damn, Hate this Malware.

3. kozza3

Posts: 778; Member since: Oct 17, 2012

omg omg omg i have to download lookout nnnnnnoooooowwwww!!!! /s

4. moronman66

Posts: 162; Member since: Jan 09, 2012

Why is an app called "Savage Knife" the most downloaded here?

44. blingblingthing

Posts: 979; Member since: Oct 23, 2012

Who downloads this crap? Savage knife Lol?

58. bluescreen

Posts: 154; Member since: Nov 22, 2012

appearntly alot of people wanting to let out their inner serial killer without going to jail?

5. FlushGordon unregistered

In Soviet Russia......

31. minteke

Posts: 30; Member since: Jul 27, 2012

Flush your history knowledge and reset it. There is no such thing; you must spent the last quarter of the century in a cave.

6. WakaFlakaD

Posts: 576; Member since: Apr 30, 2011

Good thing I had switched to iPhone...well at least less virus/malwares =)

7. deathgod

Posts: 122; Member since: Nov 23, 2011

If you switched to an iPhone because of something like this, it says alot about you.... Personally, I've never had a problem with malware/viruses since I've had an android device (Nexus S -> Galaxy Nexus). I'm running Lookout but common sense has prevented me from having issues with rogue apps. But I guess what they say is true "Common sense isn't too common anymore" :)

8. WakaFlakaD

Posts: 576; Member since: Apr 30, 2011

Well of course not lol. I got sick of Android for now(if you click on my profile, those are the phones that I had) I never even bothered to install Lookout. I mostly just use whatever apps I can download, except the obvious suspicious ones. I had been rooting all my Android phone since the Vibrant. Don't thumb me down simply cuz I mentioned iPhone lol =) I just need something fresh and iPhone for T-Mobile came out perfectly. Next up is the S4

12. WakaFlakaD

Posts: 576; Member since: Apr 30, 2011

Oh iPhone...thumbs down lol

21. xperiaDROID

Posts: 5629; Member since: Mar 08, 2013

Oooo....iPhone eh? THUMBS DOWN If you're still using Android then THUMBS UP If you switched to Windows Phone then THUMBS UP If you switched to BlackBerry then THUMBS UP So, THUMBS DOWN for you for switching to iPhone! lol xD

23. WakaFlakaD

Posts: 576; Member since: Apr 30, 2011

Haha, I will be back to the Galaxy family soon! =) As we all phone junkies, we constantly switch different phones. It's the norm for us.

26. xperiaDROID

Posts: 5629; Member since: Mar 08, 2013

I was just kidding, don't know why all the thumbs down, same as the comment #16, they thumb me down, I guess they're not friendly at all. So new lesson in PA, do not ask anyone about the phone's problem in PA!

55. Topcat488

Posts: 1417; Member since: Sep 29, 2012

I've carried a (iphone and the OG - Note) for a couple of years now, best of both, of the best operating systems for ME... Why hate when for me both are great. Peace :)

25. nerdylish

Posts: 51; Member since: Apr 13, 2013

Oh, lame comment, eh? THUMBS DOWN for you! xD

46. blingblingthing

Posts: 979; Member since: Oct 23, 2012

Also. Android OS is more secure then Apple iOS. It is just that Google seems to have laxed on the app approval scene.

48. papss unregistered

thanks for making me laugh

14. rgxVOiD

Posts: 440; Member since: Aug 30, 2012

So the only chance that you'll end up downloading these app is that you're either Russian, fat or stupid

15. PhoenixWright

Posts: 102; Member since: Feb 11, 2013

I've lived with Windows for more than 14 years now. Then I've had Android for a good time too. I can certainly 99.99% GUARANTEE THAT THE BEST FREE ANTI-VIRUS AND ANTI-MALWARE APPLICATION IS CALLED "BRAIN" AND IF YOU PURCHASE IT NOW WITHIN THE FIRST 20 MINUTES, I'LL ADD IN "COMMON SENSE" TO ITS DATABASE. It works on all devices and problems you have. Even with your wife, your neighbors, and everything even your kitchen sink.

16. xperiaDROID

Posts: 5629; Member since: Mar 08, 2013

Don't know what's wrong with my phone (Xperia Z), my phone's WiFi doesn't turn on, after that I restart my phone and everything is back to normal. Is this a malware? I'm using AVG antivirus by the way!

17. bucky

Posts: 3794; Member since: Sep 30, 2009

no no, thats android.

18. xperiaDROID

Posts: 5629; Member since: Mar 08, 2013

Oh, ok. :)

36. tedkord

Posts: 17453; Member since: Jun 17, 2009

But at least the maps get him to the right place. So it's a tradeoff.

51. Eonnaydra

Posts: 217; Member since: Oct 23, 2012

Seriosly,it's Sony's problem because Xperia Z has many flaws:alot of lag,the lack of innovation in camera's software(despite having 13 mp,the pics are looking bad in comparasion with other android flagships,iPhone 5),the Timescape UI looks outdated compared to the last touchwiz present on S4 or with HTC Sense on the HTC One. And I've seen that you always say that Xperia Z is the best looking smarthphone and I'm laughing everytime when I see it :) .In fact Xperia Z has a bad ergonomy,it's too huge compared with the S4(which is actually smaller than S3) and looks like a brick.

19. Nimit_Desai

Posts: 18; Member since: Mar 29, 2013

Plzz anyone out here...HELP ME...frm 2 days I cant see anyone online and I cant chat wid anyone...I tried to reinstall tje fb app...and also to install various messengers but it all failed. ...plz give me a solution...m usimg a galaxy note 2. ..I request you. ...

Latest Stories

This copy is for your personal, non-commercial use only. You can order presentation-ready copies for distribution to your colleagues, clients or customers at https://www.parsintl.com/phonearena or use the Reprints & Permissions tool that appears at the bottom of each web page. Visit https://www.parsintl.com/ for samples and additional information.