New Android malware found in some paid gaming apps

New Android malware found in some paid gaming apps
We've heard a lot of different malware reports before – in both Android and iOS. But nothing is as a perfect mix between scary and infuriating as this one.

Security experts at Palo Alto Networks report having found three different versions of a new malware that they are calling "Gunpoder". The rascal can be found in some Nintendo emulators (no names given) and, once it is nested onto your smartphone, it specializes in collecting bookmarks and browser histories, sending itself to other people over SMS, showing fraudulent advertisements and executing other code.

What's really gutting us is that the worm is hidden behind a paywall – the victims are prompted to pay a license fee for the emulator (between $0.20 and $0.49) and the malware activates after the payment is made. It is packaged with an adware library in such a manner that current antivirus tools don't detect it. According to Palo Alto, targeted users are residents of Iraq, Thailand, India, Indonesia, South Africa, Russia, France, Mexico, Brazil, Saudi Arabia, Italy, USA, and Spain. Interestingly, the malicious code will not send itself over SMS to anybody if it detects that the user is in China.

Have you downloaded any Nintendo emulators recently? How does all this make you feel about your phone's security?

via: Ubergizmo

FEATURED VIDEO

41 Comments

1. WallStreet

Posts: 256; Member since: Sep 21, 2014

Doesn't infect Chinese residents- well, who could be behind this?

3. Awalker

Posts: 1962; Member since: Aug 15, 2013

Yes, who would make malware that targets everyone except the Chinese?

15. pppddd

Posts: 19; Member since: May 11, 2015

It does...just not over SMS

16. BobbyBuster

Posts: 854; Member since: Jan 13, 2015

Beauty of Android: EXCLUSIVE malwares.

30. 99nights

Posts: 1152; Member since: Mar 10, 2015

Wasn't there exclusive malware just on apple recently troll idiot?

18. joey_sfb

Posts: 6794; Member since: Mar 29, 2012

Thanks for sharing, Paul K. Its the yin and the yan of open source platform. Yin: People are free to put malicious code in their App. Yan: Its also easier for security expert to develop more advance method to detect and eliminate them.

2. xperian

Posts: 417; Member since: Apr 10, 2014

Not only Nintendo emulators, I had Mega Drive emulator and it had a virus

4. phonehome

Posts: 812; Member since: Dec 19, 2014

This is why I am resistant to downloading applications. Also because they take up memory. Especially the case not to download browsing apps.

5. Martin_Cooper

Posts: 1774; Member since: Jul 30, 2013

Google really needs to start controlling those apps that they approve more easily than I fart. Is there any kind of control or you just make a virus post in on google play and next day its up for grabs?

6. Awalker

Posts: 1962; Member since: Aug 15, 2013

How do you know these apps are in the Play Store?

9. Nicko97

Posts: 49; Member since: May 25, 2015

Where else do you download paid apps that are tied with your account

13. Ordinary

Posts: 2454; Member since: Apr 23, 2015

Do a google search and come back here

23. RebelwithoutaClue unregistered

Where have you read that they are tied to your account? And the paid apps are payable thru paypal and skrill. So NO not to be found in the Playstore at all.

27. Awalker

Posts: 1962; Member since: Aug 15, 2013

Where are you getting your information from - that these are paid apps tied to your account?

8. xondk

Posts: 1904; Member since: Mar 25, 2014

I don't think a lot of people get virus' from google play, it is likely from installing from unknown sources or third party stores, so yeah.

11. BoobyBuster

Posts: 62; Member since: Jun 18, 2015

Excuses, excuses and more excuses ROFL.

20. joey_sfb

Posts: 6794; Member since: Mar 29, 2012

Waiting for you to log in to the other 5 troll accounts. Tired?

21. xondk

Posts: 1904; Member since: Mar 25, 2014

Excuses? what is being excused? that people install stuff from bad locations? like they do on both android and apple? is that really a surprise?

35. jroc74

Posts: 6023; Member since: Dec 30, 2010

Read the source link and try this again If we are talking strictly about this article....its not an excuse...its the truth.

24. RebelwithoutaClue unregistered

These apps are not from not Playstore, nor are they virusses. They are malware, big difference. There isnt a virus yet for Android.

31. 99nights

Posts: 1152; Member since: Mar 10, 2015

He hasn't a clue lol.

42. xondk

Posts: 1904; Member since: Mar 25, 2014

True :)

25. hound.master

Posts: 1044; Member since: Feb 27, 2015

Exactly the opposite since of the apps in Google play could turn out to be virus a complete virus not an app at all.

29. boosook

Posts: 1442; Member since: Nov 19, 2012

lol... every system is vulnerable... iOS, MacOS, Linux, Windows, Windows Phone, Blackberry and Android... all vulnerable... just google about what happened in these days to "Hacking Team" and their spy software, which runs on EVERY operating system.

33. meanestgenius

Posts: 21485; Member since: May 28, 2014

BB10 was not found to be infected by the "Hacking Team" spyware.

12. vincelongman

Posts: 5628; Member since: Feb 10, 2013

Google are trying their best, but just like with Apple or MS, there's still going to be a few that slip through the gaps

7. xnga123

Posts: 51; Member since: Dec 05, 2014

after stealing designs and other stuffs,the c people want to steal everyone's data?i wonder what would they do by collecting data of thousands of people?

10. BoobyBuster

Posts: 62; Member since: Jun 18, 2015

Beauty of Android: Premium malware ROFL.

14. gaming64 unregistered

Go away.

32. 99nights

Posts: 1152; Member since: Mar 10, 2015

Are you also the 6 or 7 other patriot accounts.. Wow sad life dude, grow up and enter the real world and get out you're mothers basement.

Latest Stories

This copy is for your personal, non-commercial use only. You can order presentation-ready copies for distribution to your colleagues, clients or customers at https://www.parsintl.com/phonearena or use the Reprints & Permissions tool that appears at the bottom of each web page. Visit https://www.parsintl.com/ for samples and additional information.