Once again, malware has slipped through the Google Android vetting process to find its way onto user devices. Just as legitimate outfits such as Facebook use games as a way of capturing data and generating ad revenue so too do cyber criminals.
This time around the culprit is the appropriately named ‘Viking Horde’. Discovered by Check Point, at least five versions have managed to escape detection by Google Play malware scans. The most popular means by which the malware has been spread is via a relatively popular game called Viking Jump with between 50,000 to 100,000 downloads. The app was trusted enough to become a ‘Google Top Free App’ in some regions. The author of Viking Jump, as well as other infected apps, was listed as Nikolay Lisin.
Viking Horde added devices to a botnet of proxied IP addresses for the purposes of click fraud – generating ad revenue for the attacker. Some user reviews of the app claim that it sent premium SMS messages. On rooted devices the malware was able to execute code remotely.
Readers are warned to be alert to signs that an app may be doing more than that which it claims – check the permissions prior to installation. Games that ask to read SMS, phone calling and email permissions should be avoided. Read reviews to see what other users are saying – they may warn of the potential malware. Be wary of apps that have a number of very short, curt reviews written in poor English. Children, in particular, are prone to installing games that may in turn infect their devices.
Google was informed of the problem on May 5, according to Check Point. Viking Horde has been uncovered and removed from the Google Play store but there are others that are yet to be revealed.
0 comments:
Post a Comment