The research team at Check Point Mobile Threat Prevention has discovered a new malware they named “DressCode”, and it is embedded in 40 apps already in the Google Play Store. The malware is also infecting devices through 400 more apps in third party app stores all around the internet. Check Point has already informed Google about it, but it’s always good for us to have information.
Check Point said that the oldest apps with the DressCode malware which were in the Google Play Store were dated back to April 2016, so it’s a fairly recent malware. Some of these apps reached between 100,000 and 500,000 downloads each, so that puts it at a possible 500,000 and 2,000,000 users who might have downloaded these malicious apps from Google Play.
What DressCode does is create a botnet. In simple terms, a botnet is a group of devices controlled by hackers without the knowledge of their owners. Check Point researchers say that the botnet created from these devices might have been used to generate ad clicks and false traffic to thereby generate ad revenue for the hackers. That’s fairly tame use of a botnet, considering what else they might be able to do in control of these devices. See the video below created by Check Point to generate awareness to this malware.
Google has taken down these apps that were reported, and you might have installed one of them. Check the source link below to look at the complete list of apps infected by this malware.
SOURCE: Check Point
Mobile devices are so closed it’s impossible to know what’s running on them. Only a system update really cleans the device, and as soon as apps are installed it’s all over. I’ve been a systems guy for forty years and this one is beyond my ability to monitor it and it doesn’t feel good.
Windows 10 mobile.