Google boots 13 Android apps for quietly downloading malware
Google has pulled 13 apps from the Play Store for secretly downloading malware onto users’ devices. At least one title had more than 1 million downloads before it was removed, and all had glowing reviews and great ratings. But they weren’t genuine.
All 13 apps contained malware from the “Brain Test” family, reports Ars Technica. Other apps containing this malware were first discovered last year, but they were hosted in third-party marketplaces. These ones were available from the official Play Store.
Once installed on a user’s device, the apps perform unauthorized malware downloads and attempt to gain root privileges. If they are successful, they cannot be uninstalled using normal means. Not even full factory resets can wipe them.
“While the apps were caught only making unauthorized downloads of other apps, their design made it possible for them to carry out a host of fraudulent actions that could be updated on the fly by the attacker-controlled command server they connected to,” explains Ars.
So, why all the positive reviews?
“The explanation for the apps’ high ratings and hundreds-of-thousands of downloads is the malware itself,” reports mobile security provider Lookout. Once the apps have compromised your device, they have the ability to quietly publish positive reviews and ratings themselves.
The apps could also download and review other malicious apps, causing their download figures to rise and allowing them to appear genuine and trusted in the Play Store.
The only way to completely remove the infected apps is to backup important data and re-flash the stock ROM supplied by the handset’s manufacturer — assuming you can acquire it, and you know how to flash ROMs. Fortunately, all 13 apps have now been pulled and banned by Google.
Here is the list of titles that were banned:
- Cake Blast
- Jump Planet
- Honey Comb
- Crazy Block
- Crazy Jelly
- Tiny Puzzle
- Ninja Hook
- Piggy Jump
- Just Fire
- Eat Bubble
- Hit Planet
- Cake Tower
- Drag Box
- SourceArs Technica