There was a timely reminder from Lookout Security on Wednesday that not everything on official app stores is legitimate software, after the security firm revealed it found 13 apps containing the Brain Test malware on Google Play.
The malware was first spotted by Check Point back in September using a range of privilege escalation exploits to install a rootkit on victim devices to achieve persistence.
Its primary goal is to download and install additional APKs as per the instructions coming from the C&C server, with the ultimate aim of making money for its creator by guaranteeing application installs for eager developers.
“There has been an emergence of entities, primarily originating from China, that have been selling guaranteed application-installs to developers,” explained Lookout senior security analyst, Chris Dehghanpoor.
“In order to facilitate the installs, they rely on compromising a large number of devices and then pushing the installs to those devices. Similar tactics have been around for many years in the PC world, and we’ve seen multiple Android malware families take a similar approach.”
Where Brain Test differs, however, is being able to trick Google into allowing it on the official Play store—in some cases obtaining over 500,000 downloads and average ratings of 4.5.
“The explanation for the apps’ high ratings and hundreds-of-thousands of downloads is the malware itself. First off, some of the apps are fully-functioning games. Some are highly rated because they are fun to play,” said Dehghanpoor.
Full article: Brain Test Malware Discovered Back on Google Play