Another week, another new piece of malware deleted. And this time, it brings with it another level of “sophistication,” according to Check Point Mobile Threat Prevention, which reported the mobile malware to Google earlier this month. It was packaged within an app called BrainTest and was even published twice on the Google Play Store, with each instance having around 100,000 to 500,000 downloads and the aggregate number of infections reaching 200,000 to 1 million users.
The user of the Nexus 5 smartphone where the malware was first detected removed the app once the threat was exposed. However, the app reappeared even though the user did not reinstall it. That is one of the things this malware does: it installs unwanted apps and displays ads as well. But what’s scarier is that it establishes a rootkit on the targeted device, so the attackers can execute any code they want, potentially including downloading financial credentials from the smartphone through a payload.
Check Point reported the app to Google, which subsequently removed it from the Google Play Store, but the malware manages to bypass malware detection through several sophisticated techniques. It also installs a second application similar to itself; the two monitor each other for removal and protect each other from being removed.
So what do you do to fight this threat? Make sure that you have up-to-date anti-malware software on your mobile device. But if the malware has already infected your phone, Check Point suggests that you re-flash it with an official ROM.
SOURCE: Check Point