Viking Horde botnet malware lurks on Google Play

  • 10 May 2016
  • 4 replies
  • 232 views

Userlevel 7
Badge +54
Zeljka Zorz - May 10, 2016
 
Five apps on Google Play carry Viking Horde, a new malware family that ropes Android devices into an ad-clicking botnet, but can also make them send out spam, send SMS messages to premium-rate numbers, download additional apps, and even participate in DDoS attacks.
 
The discovery was made by Check Point researchers, and they have notified Google about it on May 5, but as I’m writing this, the apps are still available on Android’s official app store.
 
                                


 
Full Article

4 replies

Userlevel 7
So much for Google's much vaunted policy of restricting apps so as to make the Store a more secure source of software...LOL...and whatnis worse is that even when advised of the issue they have done NOTHING...not good at all. :@
Userlevel 7
Out of sight Out if mind that is Google approach don't bother their making money no time for the small stuff.
Userlevel 7
Badge +54
Sadly it looks like the apps are still available as well.
 

Enlist phones in ad fraud, premium SMS, loser DDoS

 
17 May 2016 at 06:31, Darren Pauli
 
"Perhaps the most dangerous functionality is the update mechanism [which] allows downloading and executing any remote code on the device," the pair say.
 
"The botnet created by the attackers spread worldwide to users from various targeted countries."
A series of sought permissions has lead to user suspicion and subsequent low-ranking on the Google Play store.
 
The apps will ask for admin rights and root permissions on rooted devices which, if granted, will grant the malware persistence and make it difficult to remove.
 
Malicious components are installed (either internally or on an SD card) while the game boots. From there, a link to a command and control server is established where information about the infected phone is sent, and attackers can return commands.
 
                                   

  
Full Article
 
 
Userlevel 7
They really are a dozy bunch when it comes to things related to security...and quick to criticise others for a lack of alacrity in fixing thinks...perhaps they should be just as hard on themselves...LOL

Reply