+44 (0)207 489 2050 info@worldflow.net

phandroidThe recent discovery of malware on Android that could have been downloaded 9 million times is quite telling that the security and controls on the Google Play site are still of concern.

The scale is getting there compared to the Apple Store, and the range of Apps is there, but the lack of control remains.

Apps still spoof on people’s Phones by pretending to be a “real” App, and then connect to servers and load content both ways. Worse now, the BadNews malware was an SDK built into a number of Apps.

The SDK was disguised as an Ad network, and purported to provide developers with advertising revenues. Sadly what it provided was the details of the Phone it was downloaded onto to a central set of servers, and then in amongst what looked like real Ads, it put out upgrade messages to common Apps, like Skype and got the user to download more malware.

Sadly, as is often the case some of the malware was a Premium Text App, called AlphaSMS which runs up a users phone bill by sending expensive texts, and the first they know is when the bill comes in.

With the virus community on the PC the aim was often just to be there. With most of the Android malware the aim appears to be more straight forward, to steal money for the user loading their software.

This particular malware variation was on over 30 Apps all on Google Play. Because it was server based the App based tests, lay dormant, and then only later did the Ad SDK kick in and load phone details up and malware down.

Difficult to trap and then to track.

The malware writers are getting more effective at getting Apps onto the platform, and where there is money involved, they are likely to keep trying and innovating.

Share This