Connect with us

Hi, what are you looking for?


Game guide malware ‘targeted more than 500,000 users’

App-based guides for games, including Fifa and Pokemon Go, were used to target more than 500,000 Android users with malware, a cyber-security company has said.

The apps, discovered on the Google Play Store, were designed to take control of devices before downloading malware.

Unwanted ads could then be displayed to users, for example, according to researchers at Check Point.

Google did not respond to a request for comment.

More than 40 guide apps for popular games were found to be capable of delivering the malware to users’ devices, Check Point said.

It is thought that the apps were downloaded between 528,000 and 1.8 million times, though it is not known how many of these downloads resulted in the deployment of malware.

“Since the actual apps do not contain any malicious code themselves, it’s very hard to trace,” said Daniel Padon, at Check Point.

He added that when Check Point had notified Google about the apps they had been removed.

Advertisement. Scroll to continue reading.

But the researchers said that they continued to find more examples on the Play Store.

Connecting a botnet

Some of the apps were made available as long ago as November last year.

When one is downloaded, it asks users for device admin permission to ensure the software cannot be deleted.

It then attempts to establish a connection with a command and control server, turning the device into a bot in a botnet – a network of devices controlled from afar.

Malicious software can then be downloaded.

Mr Padon told the BBC that this could allow hackers to send illegitimate pop-up ads, use the device as part of a DDoS attack, or snoop on data sent via the device’s network.

Media captionEXPLAINED: What is a DDoS attack?

He said mobile botnets were becoming more common.

“We, other security vendors and Google have found different mobile botnets spreading via the Play Store,” Mr Padon said.

“This is a hard thing to stop – it could have a devastating impact.”

Advertisement. Scroll to continue reading.

The approach could indeed be dangerous, agreed Nikolaos Chrysaidos at cyber-security firm Avast.

“At the moment, it seems like the cyber-criminals behind the threat are only interested in making money from ads,” he said.

“The threat currently has very basic functionalities […] However, there is nothing stopping the threat from becoming more sophisticated in the future.”


You May Also Like


Professing to be the lead in Thai relationship with over 1.5 million enrolled single people, Cupid Media’s ThaiCupid brings the one in every of...


An exclusive article form Orestis Karipis In the 1930’s and 1940’s acid was the weapon of deceived husbands and wives in the Western world...


Read more about switzerland women here. Swiss ladies and men are not reknown for being the most chatty, outgoing or spontaneous when meeting strangers...


In food, if there is one thing you can say without fear of contradiction, it is this: Britain loves burgers. The UK market is...

Copyright © 2020 All Rights Reserved