Malicious Android Apps Posing As Your Favorite Games On Play Store - Attack of the Clones!
@satya-swaroop-YDeBJM
•
Oct 20, 2024
Oct 20, 2024
1.3K
Android users must now be very careful of what apps they install on their device. Apps posing as your favorite games could be malicious ones. A developer going by the name “apkdeveloper†has been reverse engineering the APK (Android application package) files of popular titles from Imangi Studios and Glu Mobile and inserting code that can prove to be harmful. Later he uploads these modified APKs by attaching the word ‘Super’ making them seem as an upgraded version of the game. As compared to the simple permissions like network access and read write access of the original Temple Run app, the ‘Temple Run Super’ app asks for sensitive information like location, phone status, identity and access to user accounts. After being installed the app adds unwanted advertisements on the home screen and notification bar. Well, now we've seen that after various removal requests, Google Play has removed the developer from the store page.
#-Link-Snipped-#
Although ads might not prove so harmful, another malware named as “Android.DDoS.1.origin†has some even sinister motives. After affecting a device it installs an icon that is similar to the Google Play icon. In order to avoid any suspicion from the user the icon opens the regular Play Store. Behind all this the Trojan tries to connect itself to the command center server and on successful connection sends the affected user’s phone number. Next it waits for the cybercriminals to send in commands via text messages. The messages either contain parameters to make an attack on any server or phone number of any other smartphone. For attacking a server the programmers specify the port address and make the affected Android send data packets to it. In case of SMS based attack, a customized message is sent to the any specified number or even to any premium service provider. This could mean a very high phone bill for the affected user. The folks over at Doctor Web who discovered this Trojan are still not sure of how this app spreads.
Source: #-Link-Snipped-# & <a href="https://news.drweb.com/show/?i=3191" target="_blank" rel="nofollow noopener noreferrer">New Trojan for Android can mount DDoS attacks</a>
#-Link-Snipped-#
Although ads might not prove so harmful, another malware named as “Android.DDoS.1.origin†has some even sinister motives. After affecting a device it installs an icon that is similar to the Google Play icon. In order to avoid any suspicion from the user the icon opens the regular Play Store. Behind all this the Trojan tries to connect itself to the command center server and on successful connection sends the affected user’s phone number. Next it waits for the cybercriminals to send in commands via text messages. The messages either contain parameters to make an attack on any server or phone number of any other smartphone. For attacking a server the programmers specify the port address and make the affected Android send data packets to it. In case of SMS based attack, a customized message is sent to the any specified number or even to any premium service provider. This could mean a very high phone bill for the affected user. The folks over at Doctor Web who discovered this Trojan are still not sure of how this app spreads.
Source: #-Link-Snipped-# & <a href="https://news.drweb.com/show/?i=3191" target="_blank" rel="nofollow noopener noreferrer">New Trojan for Android can mount DDoS attacks</a>