Researchers discover more BadNews on Google Play
Posted on 23.04.2013
The recently discovered BadNews Android malware was again discovered lurking on Google Play.

The Trojan has indeed been bad news for the users that downloaded it unwittingly - it harvested their device information, and what's worse, it tricked them into downloading other malicious apps.

After Lookout's discovery of the 32 apps that came bundled with the malware, Google has moved to remove both the apps and the accounts offering them. Still, it was much too late - millions of users have already downloaded and installed them on their devices.

According to Bitdefender, a less disruptive variant of the malware has been spotted in the wild some ten months ago, and their researchers hypothesize that it could have been a first attempt at testing a new malware delivery system able to bypass Googleís app screening process.

Following Google's Friday sweep that removed the 32 malicious apps, three new ones have popped up on the official Google Android online market: ru.yoya.anekdot, and They were removed by Google on Monday, but it's still unclear how they managed to dodge the scans that Google must have performed with Bouncer after Friday's discovery.

All the apps were masquerading as legitimate adware frameworks, which obviously presents a problem for the Bouncer. Google might consider looking into new ways of checking new apps added to Google Play, and the researchers also pointed out that Android developers should start paying attention to how adware frameworks behave.

In the meantime, Android users might consider installing security software on their mobile devices in order to catch similar threats.


Harnessing artificial intelligence to build an army of virtual analysts

PatternEx, a startup that gathered a team of AI researcher from MIT CSAIL as well as security and distributed systems experts, is poised to shake up things in the user and entity behavior analytics market.

Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.

Daily digest

Receive a daily digest of the latest security news.

Thu, Feb 4th