It appears as if another malware scare has come to Android. In this case, Lookout has said they discovered a new malware family which was found to be in 32 different apps. This family of malware has been dubbed BadNews, however coming as a bit of a silver lining, Google has already removed the infected apps.
Basically, that is just to say that while this is something to take note of, there isn’t anything to worry about at this very moment. Of course, things can change and BadNews could return for download. With that in mind, lets get into what these apps were doing. Lookout has said they appear to have been passing themselves off as an innocent, but aggressive advertising network. In reality, they were not so innocent. These apps were said to be sending fake news messages and also prompting users to install other apps and send sensitive information to include device ID and phone numbers.
The BadNews apps were also noted as using those fake news messages to promote affiliated apps and also push other types of monetization malware. One of the apps being pushed was AlphaSMS which is a premium rate SMS app. Of these 32 apps that were discovered by Lookout, they were split out between four developer accounts and are believed to have been downloaded a minimum of 2,000,000 times. Or more specifically, based on the stats coming from Google Play, Lookout estimates these were downloaded between 2,000,000 and 9,000,000 times.
Aside from the potential for damage from what has already been mentioned here, Lookout further talked about how BadNews presents a “significant development in the evolution of mobile malware.” The reason as to why this is said to be a significant development is because BadNews used a server to delay its behavior, which was why they were able to reach so many users before being discovered. Bottom line here, using some caution and common sense when installing apps should be a given, however it may also be a good idea to run some sort of malware scanner.
[via Lookout Blog]