Mobile security developer lookout has discovered a family of malware in 32 apps from 4 developer accounts in the Google Play store. Called BadNews, the malware poses as an advertising network which instead of pushing adverts pushes malware and fraud programs.
The BadNews malware sends fake news messages to phones, prompts you to install applications and sends information on your phone to the BadNews servers. Lookout believes it avoided detection because the malware servers delayed any activity until after it had been widely distributed. It’s estimated to have been downloaded between two and nine million times.
Google has responded by removing all of the offending apps from the store, and suspended the developer accounts while they investigate further.
While malware is becoming more common on Android devices, the vast majority comes from non official app stores, so in general it’s still safer to download apps from Google Play.
According to an NQ mobile security report, the most common tactic used is to repackage genuine apps with malware and then distribute them on unofficial sites. Common malware behaviors are collecting personal data or remotely controlling your phone to send SMS messages to fraudulent premium services. Most malware infections happen in China and India, with the US accounting for around 10%.
[source: the lookout blog]