Detect malicious Android apps on Google Play
Many malicious applications are hiding on the Google Play app market disguised as popular games such as Temple Run.
Cybercriminals posed as well-known game and application development companies to put on Google Play a series of malicious products disguised as famous games from Glu Mobile or Imangi's Temple Run. These "dirty" applications have the same name as the real application, with the word "super" added at the end.
According to security analysts, cybercriminals decrypted the *.APK files (Android's installation files), inserted malicious code and repackaged them. They then uploaded them to Google Play for Android users to download.
If they are wary, users will notice that these harmful applications always request a lot of permissions, for example access to data on the device and to the user's contacts. As specific evidence, the real Temple Run game only requires access to the network connection and the device's storage. Meanwhile, Temple Run Super also requires geographic location information, device status and access to the device's main account.
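The permission comparison described above can be automated. The following is an added example, not code from the article or from any vendor it names: it diffs the permissions requested by a lookalike app against the genuine app's manifest. It assumes both manifests have already been decoded to text XML (for example with apktool); the package names are constructed, and the Android permission names are an assumed mapping of the article's descriptions.

```python
import xml.etree.ElementTree as ET

ANDROID_NS = "{http://schemas.android.com/apk/res/android}"

# Constructed sample manifests; package names are made up for illustration.
GENUINE = """<manifest xmlns:android="http://schemas.android.com/apk/res/android"
    package="com.example.templerun">
  <uses-permission android:name="android.permission.INTERNET"/>
  <uses-permission android:name="android.permission.WRITE_EXTERNAL_STORAGE"/>
</manifest>"""

LOOKALIKE = """<manifest xmlns:android="http://schemas.android.com/apk/res/android"
    package="com.example.templerunsuper">
  <uses-permission android:name="android.permission.INTERNET"/>
  <uses-permission android:name="android.permission.WRITE_EXTERNAL_STORAGE"/>
  <uses-permission android:name="android.permission.ACCESS_FINE_LOCATION"/>
  <uses-permission android:name="android.permission.READ_PHONE_STATE"/>
  <uses-permission android:name="android.permission.GET_ACCOUNTS"/>
</manifest>"""

# Permissions that expose location, identity, contacts or billing (SMS).
SENSITIVE = {
    "android.permission.ACCESS_FINE_LOCATION",
    "android.permission.ACCESS_COARSE_LOCATION",
    "android.permission.READ_PHONE_STATE",
    "android.permission.GET_ACCOUNTS",
    "android.permission.READ_CONTACTS",
    "android.permission.SEND_SMS",
}

def requested_permissions(manifest_xml):
    """Return the set of permission names a decoded manifest requests."""
    root = ET.fromstring(manifest_xml)
    perms = set()
    for tag in ("uses-permission", "uses-permission-sdk-23"):
        for element in root.iter(tag):
            name = element.get(ANDROID_NS + "name")
            if name:
                perms.add(name)
    return perms

def permission_drift(genuine_xml, candidate_xml):
    """Report what the candidate requests beyond the genuine app's baseline."""
    extra = requested_permissions(candidate_xml) - requested_permissions(genuine_xml)
    sensitive = sorted(extra & SENSITIVE)
    return {"extra": sorted(extra), "sensitive_extra": sensitive,
            "suspicious": bool(sensitive)}

if __name__ == "__main__":
    print(permission_drift(GENUINE, LOOKALIKE))
```
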
Cybercriminals build botnets from mobile devices
The concern of security experts came true when security company CloudMark discovered a type of trojan that specializes in attacking Google's Android platform, establishing a botnet and spreading SMS spam messages. Security company Lookout calls the botnet SpamSoldier.
This type of trojan comes in malicious applications distributed on websites that offer free applications. Some famous Android games have had the trojan inserted and been spread this way, such as Need for Speed Most Wanted, Angry Birds Star Wars, Grand Theft Auto 3 or Max Payne HD.
Once victims are deceived into installing them on their smartphones, the malicious applications send thousands of SMS spam messages to a list of malicious phone numbers that is held and remotely controlled by a server.
The spam messages include links to malicious applications, to expand the scope of infection and increase the number of devices in the SMS botnet (a network of infected devices used as a tool for spreading SMS spam messages under the control of cybercriminals).
According to CloudMark, the malicious code activates automatically when the device reboots, and it also disguises itself as a fake system process. Victims receive "huge" bills from their telecommunications service providers without understanding the cause.
Besides pretending to be popular games, the malicious code is also embedded in popular applications such as spam message blockers and promotional coupon apps, to catch victims off guard.
Mobile device users are advised to install an anti-malware security application and not to install suspicious applications from unreliable websites. Be wary of spam messages containing links.