Malware masquerading as games show up on Google Play

Symantec has discovered that malware snuck its way into certain legitimate-looking apps, which were available for download from the Google Play store.

Symantec has discovered that malware snuck its way into certain legitimate-looking apps, which were available for download from the Google Play store.

(Credit: Symantec)

The two games, Super Mario Bros and GTA 3: Moscow City, were both downloadable from 24 June, and were disguising the Android.Dropdialer malware, which sends SMSes to premium-rate phone numbers. The malware was downloaded between 50,000 and 100,000 times before it was removed from the store.

According to CNET Australia's sister site ZDNet, security firm F-Secure found evidence of the same malware residing in other apps on the Play store within 10 seconds of scanning.

As the malware connects to only specific premium phone numbers, it's unlikely that it would affect users residing outside the country that the dialler is targeting.

According to Symantec:

In the case of Android.Dropdialer, the first stage was posted on Google Play. Once installed, it would download an additional package, hosted on Dropbox, called "Activator.apk". This additional package sends SMS messages to a premium-rate number. An interesting feature of the secondary payload is that it prompts to uninstall itself after sending out the premium SMS messages — an obvious attempt at hiding the true intent of the malicious app. The premium SMS is targeting Eastern Europe.

Tags:
Internet
About the author

Lexy spent her formative years taking a lot of photos and dreaming in technicolor. Nothing much has changed now she's covering all things tech from CNET's Sydney office.

 

Join the discussion

Conversation powered by Livefyre

Don't Miss
Hot Products
Trending on CNET

Christmas Buying Guide

Get your Christmas shopping started early this year

From the obsessed photographer to the fitness fanatic, we have a tech gift for everyone on your list.