Home
Mobiles
Mobiles News
BadNews for Android s: New malware disguises itself as an ad network

BadNews for Android s: New malware disguises itself as an ad network 5t461m

By Anupam Saxena | Updated: 22 April 2013 12:25 IST

ment

Mobile security company Lookout claims to have discovered BadNews, a new malware family that's affecting Android apps.

The company found the malware in 32 apps across four different developer s in the Google Play store. Talking about it in a blogpost, Lookout mentioned that the affected apps have been ed between 2,000,000 - 9,000,000 times. Google has removed all the apps and suspended s of the specific developers, as per Lookout.

Half of the affected apps were found to be in Russian and AlphaSMS, an SMS fraud malware that was also being pushed by BadNews is found to be involved in committing rate SMS fraud in the Russian Federation and neighbouring countries such as the Ukraine, Belarus, Armenia and Kazakhstan. The apps that feature the malware range from Russian dictionary apps to popular games to even innocent ones like apps offering salad recipes.

BadNews works by disguising as an ad network and later pushes malware to the 's device after an affected app is installed. It sends fake news messages, prompts s to install apps and sends sensitive information such as the 's phone number and device ID to its Command and Control server.

Following initial activation, the BadNews s its server every four hours for new instructions while sending sensitive information such as the device's phone number and its serial number (IMEI) to the server. The server replies with instructions including displaying (fake) news to s, and asking them to install new app updates. The app updates are new malware apps disguised with names of popular apps like Skype.

The malware acts as a challenge to the people who filter apps for malware at the Play Store as it's not directly included in the app and comes into existence after the app connects to the malware server.

However, Lookout mentions that it is not clear whether some or all of these apps were launched with the intent of spreading the BadNews malware or developers were caught unaware as they included code to earn money thinking that BadNews was just an ad network for monetization, as it's disguised as a fraudulent monetization SDK.

Comments

For the latest reviews, follow Gadgets 360 on X, Facebook, WhatsApp, Threads and Google News. For the latest videos on gadgets and tech, subscribe to our YouTube channel. If you want to know everything about top influencers, follow our in-house Who'sThat360 on Instagram and YouTube. 86738

Further reading: mobiles