BadNews malware found in Android apps on Google Play Store

Malware found in 32 apps available for download from the Android app store.

By Nikhil Pradhan | Published: 22-Apr-2013 | Last updated: 22-Apr-2013

A new piece of malware, named ‘BadNews,’ has been found in 32 apps available to download for Android devices from the Google Play Store. Lookout, a company that makes security software for smartphones, revealed that it had found 32 apps, published through four different developer accounts, that were infected by the BadNews malware, which disguised itself as an advertising network being used by the app. According to Lookout’s blog post, the malware engineers created the fake ad network in order to push the malicious code to the infected apps.

If installed on a phone, BadNews is capable of sending fake news and notifications to users in order to get them to install other malicious software, and is also able to capture and transmit hardware information such as a phone’s IMEI number to the malware creators. Lookout points out that BadNews can also secretly send messages to premium SMS malware, which can be billed to the user. Most of the infected apps seem to be Russian in origin and span a whole gamut, including games, wallpaper apps, adult apps and even recipe apps. Lookout notes that the app developers did not necessarily have malicious intent and could instead have implemented the fake ad network in their apps without doing the proper security checks.

The list of apps found to be infected with BadNews malware.

All of the 32 apps have been pulled from the Google Play Store at the time of writing this story. However, TechCrunch points out that these apps have been downloaded by at least 2 million Android users worldwide, although that number could also go up to 9 million.

Google has been fighting hard against the image of Android being a haven for malware but it has been a difficult battle. In May of last year, Google announced its Bouncer tool that would automatically scan all the apps in the Play Store for malware and other malicious software. The fact that BadNews was found in the official Play Store means that Bouncer isn’t completely effective. Google also revealed that Android 4.2 Jelly Bean would have a built-in malware scanner that would verify apps being installed on a device. Unfortunately, researchers discovered that the scanner was only able to detect 15% of genuine threats.

Security researchers have also warned that as the number of Android users increases in 2013, so will the quantity of malicious apps and software.

Sources: TechCrunch, The Lookout Blog
