The number of millions of people using the Android operating system is increasing. That is why lately we find ourselves more frequently so that our device may be infected or in danger for some reason.
A few days ago we saw how the attack on the security protocol for WPA2 WiFi networks had infected about 41% of Android devices. But the news for all these devices do not stay here, since yesterday the Symantec company published in its blog the news that certain applications have managed to be placed as official Android applications for Google Play, infecting our phones or Tablet.
Fraudulent applications as complements to Minecraft
Minecraft is a very popular game that Microsoft acquired for 1.5 billion pounds. This game is safe, but the problem arises when we download add-ons from Google Play that in principle sell us the idea that their only purpose is to modify the aspects of the characters in the App.
In the background this type of applications, (8 have been detected) enables the functionality of an attack aimed at generating illegitimate advertising revenue.
How applications work
According to Symantec, the application connects to a control server (C&C) that requests that the application open a socket using SOCKS before connecting to a destination server.
This would give the App a list of ads and metadata to launch ad requests. The problem is that there is no functionality to show ads. That is why researchers have considered that the network system used by the application could also be used for other unknown purposes.
This vulnerability could therefore be used for different attacks on the network such as DDos and jeopardize the security of our data.
At the moment we should not worry since Google has confirmed that the presence of these malicious App have been removed from the store but we ask ourselves the question about how they could be accepted in Google Play?
Articles