Recently, security researchers from Symantec have found eight apps hosted on the Play Store that is infected with the Sockbot malware. Well, those eight apps have an install base ranging from 600,000 to 2.6 million devices.

Google Just Removed A Malware From Play Store With 2.6 Million Downloads

Android is now one of the most used mobile operating systems because it provides lots of advantages to its users. Users can search for their desired apps on Google Play Store and can do lots of customizations.

However, Android operating system also has its own disadvantages, and the series of problems with malware and viruses faced by Android in recent times can be taken as a proof. Recently, security researchers from Symantec have found eight apps hosted on the Play Store that is infected with the Sockbot malware.

Well, those eight apps have an install base ranging from 600,000 to 2.6 million devices. In a detailed blog post, Symantec has said that Malicious Minecraft-based Android apps have made its way to the official Google Play Store by posing as add-on functionality for the popular Minecraft: Pocket Editon game.

Image Source: Symantec
Image Source: Symantec

These are not official Minecraft app but it offers skins to the players which can be used to modify the look of Minecraft’s in-game characters. At first, the researchers assumed that the apps are aimed at generating revenue through pushing ads. However, on the deeper look, they found that the app has no functionality to display ads.

The app comes with an embedded trojan known as Sockbot which creates the SOCKS proxy for ad revenue and potential botnet enslavement. Symantec says “This highly flexible proxy topology could easily be extended to take advantage of a number of network-based vulnerabilities, and could potentially span security boundaries”

“In addition to enabling arbitrary network attacks, the large footprint of this infection could also be leveraged to mount a distributed denial of service (DDoS) attack.”

Well, when the app is installed, it requests lots of permissions like access to GPS, Wifi, Open Network Connections, Read and Write Permission to external storage and the ability to display ads. The app targets the US, but victims have also been found in Ukraine, Brazil, Germany, and Russia.

The security firm, Symantec has already informed Google to these apps on October 6 and Google had quickly removed it from the Play Store.

So, what do you think about this? Share your views in the comment box below.

LEAVE A REPLY

Please enter your comment!
Please enter your name here