New malware discovered in Play Store apps, could pose a threat for corporate users
However, there are those rare moments, when a malware makes it to an official store, riding on the back of seemingly innocent apps and games. This is the case here, as a new type of malicious software, dubbed DressCode, has reportedly been discovered on the Google Play Store. The find has been posted by IT security company Check Point, who claims that there is a total of 40 apps on the Play Store infected by DressCode, the earliest one dating from April of 2016, and 400 more spread across unofficial app stores.
What this specific type of malware does is, it creates a so-called botnet. The attackers are able to use infected devices to route traffic through them. In the case of DressCode, Check Point says, the hackers only used it to generate false ad clicks and traffic, thus collecting ad revenue. However, a botnet can be used for much more serious attacks, such as gaining access to company servers and files, if you happen to be working in a BYOD office.
Google has been informed of the infected apps and will most probably be removing them swiftly. A few of them have been posted in the Check Point article, and it seems like the malware is generally embedded in “Dress-up” kids games — that's probably the source of the hack's name. But here's a reminder to always be careful what you download on a device you use for sensitive work. The Check Point video below explains how a botnet type of attack can be a huge problem for corporate users.
Of course, even if the infected devices are only used for ad traffic, you still have the issue with rogue processes running in the background, impacting performance and battery life.