Malware masquerading as games show up on Google Play

About The Author

CNET Editor

Lexy spent her formative years taking a lot of photos and dreaming in technicolour. Nothing much has changed now she's covering all things photography related for CNET.

Symantec has discovered that malware snuck its way into certain legitimate-looking apps, which were available for download from the Google Play store.

(Credit: Symantec)

The two games, Super Mario Bros and GTA 3: Moscow City, were both downloadable from 24 June, and were disguising the Android.Dropdialer malware, which sends SMSes to premium-rate phone numbers. The malware was downloaded between 50,000 and 100,000 times before it was removed from the store.

According to CNET Australia's sister site ZDNet, security firm F-Secure found evidence of the same malware residing in other apps on the Play store within 10 seconds of scanning.

As the malware connects to only specific premium phone numbers, it's unlikely that it would affect users residing outside the country that the dialler is targeting.

According to Symantec:

In the case of Android.Dropdialer, the first stage was posted on Google Play. Once installed, it would download an additional package, hosted on Dropbox, called "Activator.apk". This additional package sends SMS messages to a premium-rate number. An interesting feature of the secondary payload is that it prompts to uninstall itself after sending out the premium SMS messages — an obvious attempt at hiding the true intent of the malicious app. The premium SMS is targeting Eastern Europe.



Add Your Comment

Avatar
 

Be the first to comment on this story!


Post comment as


Sponsored Links

Recently Viewed Products