Articles
Pages
Products
Research Papers
Search - Easy Blog Comment
Blogs
Search Engines
Events
Webinar, Seminar, Live Classes
Thursday, 04 May 2017 09:19

Malware-laden music player app downloaded by thousands of users found in Google Play Store

By: 

Security researchers have found a music player app in the Google Play Store, which has already been downloaded by thousands of users, to be riddled with malicious malware. Going by the name "Super Free Music Player", the app was uploaded to Google Play on 31 March and has already garnered between 5,000 and 10,000 downloads.

According to SophosLabs researcher Rowland Yu, the malware uses similar sophisticated techniques to evade detection by Google and security researchers that were previously seen in the BrainTest malware, such as the use of time bombs, domain or IP mapping and dynamic code loading.

Yu said the malware is able to download additional encrypted payloads from remote websites and upload a list detailing the infected device's information including its model, manufacture, SDK version, country, language and installed applications among other data.

In 2015, security firm Check Point discovered the BrainTest malware on a Nexus 5 smartphone which used various techniques to avoid detection and persistently remain on unsuspecting victims' infected devices. Although Google Play removed it from the app store, attackers repurposed it in the form of a music app.

"It came back to Google Play as Super Free Music Player and attracted 5,000 – 10,000 downloads," Yu said. "Sophos has detected them as Andr/Axent-DS."

SophosLabs said it has informed Google Play about their discovery.

The latest discovery comes as attackers continue to target Android users through malicious apps found in the official Google Play store. A recently discovered nasty strain of malware dubbed FalseGuide was found in a slew of Android apps including guides for popular games such as Fifa, Pokémon Go and World of Tanks. Experts warned that the malware could have infected nearly two million phones.

Another Android trojan called BankBot also targeted hundreds of applications on Google Play in an effort to steal mobile users' online banking credentials and payment card data.

This article was published in International Business Times By Hyacinth Mascarenhas

Leave a comment

Get Exclusive Research Tips in Your Inbox

Receive Great tips via email, enter your email to Subscribe.
Please wait

airs logo

Association of Internet Research Specialists is the world's leading community for the Internet Research Specialist and provide a Unified Platform that delivers, Education, Training and Certification for Online Research.

Subscribe to Our Newsletter

Receive Great tips via email, enter your email to Subscribe.
Please wait

Follow Us on Social Media