Android Malware in Over 3,000 Apps
Monday, October 3, 2016 @ 11:10 AM gHale
There are at least 3,000 Trojanized apps housing the DressCode malware with over 400 on Google Play and the remaining on third party app stories, researchers said.
The Trojanized apps range from games and themes to phone optimization boosters. In one case, a modification app for Minecraft PE (Pocket Edition) ended up modified to include the malware and has been downloaded from Google Play by at least 100,000 users, said researchers at Trend Micro.
DressCode’s main aim is to make the infected Android device part of a botnet used for click fraud, the researchers said.
It can also end up used for DDoS attacks and to send out spam. DressCode is also a threat to enterprise and home networks.
“If an infected device connects to an enterprise network, the attacker can either bypass the (Network Address Translation) NAT device to attack the internal server or download sensitive data using the infected device as a springboard,” Trend Micro researchers said in a blog post.
“While DressCode’s infection methods and behavior isn’t unique, the number of Trojanized apps that found their way to a legitimate app store is certainly significant,” the researchers said.
They went on to say users should be extremely careful when downloading and installing new apps.
“If you are downloading a new app, make sure it’s from a legitimate app store. Check reviews online and on the download page, and do a little research to make sure it’s not a malicious app,” they said.
Users should also make sure the operating system remains updated. The latest patches can ensure the latest identified vulnerabilities end up fixed.