Since third party app stores are blamed for infecting android devices with malware as the apps on it may contain malwares. Many users have been affected by downloading apps from third party app stores. However new android malware poses as popular game and targets users via Google Play.
New Android Malware Impersonates as Popular Game, Targets Android Users Via Google Play
Secuirty Experts have been warning Android users to not download apps from any site other than Google Play, however a new android malware called as Viking Horde has been found on Google Play. It lets hackers to do click fraud, SMS fraud, send spam texts and to carry DDoS attacks from the targeted devices.
Initially, Viking Horde malware was discovered by the security team at Check Point and they reported to Google on May 5. This malware has been labelled as dangerous as it has the potential to attack non rooted as well as rooted android devices.
Rooted devices are at high risk because this lets the malware to download additional components which makes it very difficult to remove.
“On rooted devices, Viking Horde delivers additional malware payloads that can execute any code remotely,” the security firm stated. “It also takes advantage of root access privileges to make itself difficult or even impossible to remove manually.”
Once the user installs an app containing Viking Horde malware, the device then joins a botnet or in other words we can say a network managed by hacker, without any user interaction. Bots are generally used by hackers to generate advertising clicks for more income.
“The malware’s primary objective is to hijack a device and then use it to simulate clicks on advertisements in websites to accumulate profit,” Checkpoint stated.
Personal details of users are also at high risk, as the app can acquire access to all parts of device which it targets. Some users through reviews claim that the app also sends premium text messages, which the hacker uses to carry DDoS attacks, spreading malware or spamming.
This malware is present in five apps on Google Play, these are Viking Jump, Parrot Copter, WiFi Plus, Memory Booster and Simple 2048. However, Viking Jump is still present on Google play while as other apps have been removed.
Check Point said that maximum users who downloaded Viking Horde-infected apps are from Russia, Spain, Lebanon, Mexico and the US.
Since Android came into force, it is being infected with malwares, ransomwares. Recently, Cyber Secuirty firm found a vulnerability in Android phones that are using Qualcomm processor. The vulnerability emerged in 2011 as vulnerable APIs. Secuirty researchers have warned that it could have put millions of smartphone users at risk. This vulnerability if exploited, allows the hacker to get access to sensitive details of the user.