Brain Test Malware in Cake Tower and 12 Other Google Play Apps

Malicious apps have been sneaking into the Google Play Store and affecting users' devices. Recently, the mobile security company Lookout reported 13 compromised apps located in the store. In response, Google removed them. However, Lookout's researchers have made a troublesome discovery: the developers of the Brain Test malware have returned.

BrainTest Malware Timeline

When Check Point researchers analyzed Brain Test back in September 2015, they concluded that the malware had reached a new level of sophistication. Brain Test then became one of the biggest threats on the mobile malware market.

The first appearance of Brain Test followed a scenario similar to that of the recently deleted 13 Google Play apps. The malware was included in an Android game called Brain Test and was published twice on Google Play. Statistics revealed that each instance was downloaded between 100,000 and 500,000 times. Consequently, the infection span of the malware reached the horrid number of 200,000 to 1 million users. Once Check Point researchers discovered the malware now dubbed Brain Test, they contacted Google Play.

However, the malware authors didn't waste much time. In October 2015, new instances of Brain Test, similar to the initial ones, were discovered by Lookout. The bad news? Some of the newly discovered apps had hundreds of thousands of downloads and, even worse, at least a four-star average review score. The high scores of the apps were an indication of a good experience with the app.

The conclusion was easy to make: the developers of the Brain Test malware successfully entered Google Play by using a somewhat legitimate game. During those discoveries, Lookout researchers were still not sure who the developers of the malware were. Just before Christmas, the Cake Tower game received an update with functionality similar to the first versions of Brain Test, which partially gave away the malware's origin. A new command-and-control server was also discovered, which confirmed who the developers were.

This is what Chris Dehghanpoor from Lookout mobile security firm has said:

“Some [apps] are highly rated because they are fun to play. Mischievously, though, the apps are capable of using compromised devices to download and positively review other malicious apps in the Play Store by the same authors. This helps increase the download figures in the Play Store. Specifically, it attempts to detect if a device is rooted, and if so, copies several files to the system partition in an effort to ensure persistence, even after a complete factory reset.”

Some of the applications removed from Google Play included Cake Tower, Cake Blast, Eat Bubble, Honey Comb, Crazy Jelly, Crazy Block, and Tiny Puzzle.

What Do Brain Test Malware Strains Do?

As pointed out by Lookout, after the initial persistence routine is finalized, several background services continuously check in with the command-and-control servers. As with the initial Brain Test versions, the latest variant is also programmed to download additional configuration parameters from the command-and-control server, execute arbitrary commands as root, and dynamically execute Java code.

Milena Dimitrova