New Android malware found in some paid gaming apps
Security experts at Palo Alto Networks report having found three different versions of a new malware that they are calling "Gunpoder". The rascal can be found in some Nintendo emulators (no names given) and, once it is nested onto your smartphone, it specializes in collecting bookmarks and browser histories, sending itself to other people over SMS, showing fraudulent advertisements and executing other code.
What's really gutting us is that the worm is hidden behind a paywall – the victims are prompted to pay a license fee for the emulator (between $0.20 and $0.49) and the malware activates after the payment is made. It is packaged with an adware library in such a manner that current antivirus tools don't detect it. According to Palo Alto, targeted users are residents of Iraq, Thailand, India, Indonesia, South Africa, Russia, France, Mexico, Brazil, Saudi Arabia, Italy, USA, and Spain. Interestingly, the malicious code will not send itself over SMS to anybody if it detects that the user is in China.
Have you downloaded any Nintendo emulators recently? How does all this make you feel about your phone's security?