Google removes 8 apps from the Play Store that hid malware
The apps could connect the device to a botnet and provide ad-hoc advertising. This would be applications to change the appearance of the Minecraft characters.
Google has removed eight apps for Android from the Play Store, which, by hiding malware, can connect devices on which they are installed to a botnet, with the potential to perform DoS attacks or other malicious actions. The apps have already been downloaded on millions of devices.
Symantec researchers have discovered the problem. In fact, analyzing one of the suspicious apps, Assassins Skin for Minecraft that allows you to change the appearance of the characters of ” Minecraft: Pocket Edition “, the researchers have discovered well disguised malware Android.Sockbot, which establishes a persistent connection based on protocol Socket Secure (SOCKS) to a server that distributes advertisements and pushes the infected device to request the delivery of certain inaccuracies.
” This highly flexible proxy topology can easily be extended to take advantage of a number of network-based vulnerabilities and can potentially cross-border security boundaries, and in addition to implementing arbitrary network attacks, the extent of this infection could be exploited. to organize DDoS attacks ” the researchers write.
The names of the other apps were not disclosed, but the researchers said the problem is widespread in the US, Russia, Ukraine, Brazil and Germany.
What happened allows us to remember some good habits when it comes to downloading apps, especially for the Android operating system. Even if you are turning to the official store, it is good to stop for a moment and ask what is the real value and the true value of the app that we want to download.
If the developer has been known and in business for some time and check if other users have left comments on suspicious behavior. And in any case, it is good to follow the usual common sense: in doubt, avoid.