Thursday, July 12, 2012

New Android malware found and removed on Google Play

Symantec has discovered a new piece of Android malware that achieved between 50,000 and 100,000 downloads of malicious apps on the Google Play store before it was identified; it has since been removed. The malware, known as Android.Dropdialer, was posted on Google Play on June 24, packaged under names such as Super Mario Bros and GTA 3 Moscow City. Google's Android Security division quickly pulled the malware from Google Play after being alerted to the issue by Symantec.
Symantec thinks the malware wasn't discovered until a few weeks later because it used an outside service to download the main package.

Symantec's blog states:
In the case of Android.Dropdialer, the first stage was posted on Google Play. Once installed, it would download an additional package, hosted on Dropbox, called ‘Activator.apk’. This additional package sends SMS messages to a premium-rate number. An interesting feature of the secondary payload is that it prompts to uninstall itself after sending out the premium SMS messages—an obvious attempt at hiding the true intent of the malicious app.
This newest malware discovery shows that people should be careful about downloading any app, even on authorized download services.
