Sockbot malware was discovered in applications on Google Play Store
This month, Symantec discovered a new type of malware on Android called Sockbot, a legitimate application on Google Play that allows an attacker to create fake ad traffic.
This month, Symantec discovered a new type of malware on Android called Sockbot, a legitimate application on Google Play that allows an attacker to create fake ad traffic.
Symantec researchers claim that at least eight applications contain Sockbot identified and have between 600,000 and 2.6 million downloads and installations. The purpose of these applications is to change the look of the characters in the Minecraft Pocket Edition game. Besides, it also creates illegal advertising revenue.
- Google's new Play Protect system failed from the first test
Malware Sockbot implements a SOCKS proxy mechanism on infected devices
The name Sockbot comes from the operating mode of this malware. They install and deploy SOCKS proxy mechanisms on devices that infect and wait for commands from a remote C&C server.
Symantec also noted that this Sockbot malware could easily be expanded, leveraging some network vulnerabilities and being able to bypass security boundaries. In other words, attackers can use Sockbot to perform next DDoS attacks.
This is not the first Android botnet discovered this year. At the end of last August, the alliance of security firms together removed the botnet WireX, which includes more than 120,000 Android devices infecting and executing DDoS attacks.
Fortunately, Symantec has informed Google of eight malware-infected applications on October 6 and the company quickly deleted them from the Google Play store. However, this also reminds us to always be cautious when downloading any application on the Google Play Store store.
You should read it
- Detecting new malware on Android can damage phones
- How to remove malicious software (malware) on Android applications?
- Google 'purged' 24 applications downloaded nearly 500,000 times containing malicious malware
- These Android apps with more than 100,000 downloads contain Joker malware, please remove immediately
- Series of Android applications contain malicious code you should remove immediately from your device
- 5 types of malware on Android
- Detecting Android malware can easily steal OTP code without the victim knowing
- How does malware get into smartphones?
- Malware Judy attacked more than 36.5 million Android phones
- How to detect and remove malware Agent Smith on Android
- Detects many malicious Android applications that hide icons themselves to make it harder to uninstall
- New banking malware discovered that can remotely control Android devices
Maybe you are interested
How to replace console gaming with iPhone Instructions for turning on Dark Mode on Office 2019 'Brain-eating monster' is less than 20cm long and eats 3,000 mice every year? How to Create Power-Ups and Collections in Pygame How to create scrolling backgrounds in Pygame What is AES? What's special? How is this coding standard applied?