Newly Discovered Android Malware Was Downloaded Millions Of Times
Security firm Lookout has detailed a clever new bit of Android Malware lurking in the Google Play store. The good news: unless youre downloading questionable Russian clone apps, youre probably not affected. The bad news: that hasnt kept it from being downloaded a few million times.
The new malware, fittingly dubbed BadNews, has been spotted tucked into 32 different apps from 4 separate developer accounts. Since Google Play only gives download numbers as huge ranges, no one can say exactly how many devices this has affected. With the lowball estimates, its around two million. On the high end, its as many as nine million. In reality, its somewhere in between the two.
As the BadNews bug appears to have been distributed as an ad framework for developers to use, its unclear how many of the infected apps were built primarily for malicious reasons. Its quite possible that some of the apps were built by well-meaning developers who just made a bad decision on an ad provider.
While Google has been making an effort to crackdown on malware with things like Bouncer (which constantly scans the Play stores apps for telltale signs of malware), its a never-ending (and very much uphill) battle. BadNews snuck into the store by posing as an ad network, only firing off the nasty bits of code by way of remote signal once it had found its way onto a bunch of devices.
http://techcrunch.com/2013/04/20/newly-discovered-android-malware-was-downloaded-millions-of-times