Skip Ribbon Commands
Skip to main content
Computer Emergency Response Team of Mauritius (CERT-MU)
Computer Emergency Response Team of Mauritius>Advanced malware gets into Google Play store twice, possibly 1M downloads

Advanced malware gets into Google Play store twice, possibly 1M downloads


Within the past month, malware disguised as an Android game twice made its way into the Google Play store and each time had between 100,000 and 500,000 downloads – making for a potential total infection rate of one million users. The threat is a working game called Brain Test and it was identified by security researchers with Check Point. Currently it has only been observed pushing advertisements, but the malware is quite advanced as it uses tricks to bypass app vetting system Google Bouncer, uses privilege escalation exploits to gain root access on the device, and takes steps to maintain persistency so it cannot easily be deleted. As per security researchers, the way the malware pushes advertisements is aggressive since they can appear on any screen at any time. They also added that the malware has a sophisticated framework that is only a few tweaks away from being able to practically take over a device. It is to be noted that the first version of Brain Test went into the Google Play store at an unknown date and was taken down on August. 24 and the second version went up on September. 10 and was taken down by Google on September. 15. The app does not ask for permissions or do anything glaring that would tip the user off that it is malicious.
 
Source:
SC Magazine
 
Cydefe
 
Team Cymru
 
Disclaimer
The information provided herein is on "as is" basis, without warranty of any kind.
 
Contact Information
 
Postal address
Mauritian Computer Emergency Response Team (CERT-MU)
National Computer Board
7th Floor, Stratton Court
La Poudriere Street
Port Louis