Here we go again…
Once again Google has found itself having to remove Android gaming apps from the official Google Play store after security researchers discovered that they were secretly making unauthorised downloads and attempting to gain root privileges.
Some of the apps had received as many as one million downloads, according to a blog post by security firm Lookout.
Lookout identified a total of 13 malicious apps in the Google Play store: Cake Blast, Jump Planet, Honey Comb, Crazy Block, Crazy Jelly, Tiny Puzzle, Ninja Hook, Piggy Jump, Just Fire, Eat Bubble, Hit Planet, Cake Tower, and Drag Box.
According to the researchers, compromised devices could be subverted into downloading further malicious apps from the Google Play store, inflating download stats, and post bogus positive reviews:
It appears the primary goal of the malware is to download and install additional APKs as directed by the command-and-control server. The developers also used infected devices to download other malicious applications they had submitted to the Play Store, which would inflate the number of downloads each application received.
While the malware’s primary motive is likely selling guaranteed application-installs, its flexible design could allow the developers to utilize infected devices for more nefarious purposes if they desired.
High download figures and many positive reviews don’t just encourage other Android users to download apps, but might also trick them into believing that the apps can be trusted.
According to Lookout, the apps appear to have been written by the same developers responsible for the Brain Test family of malware, which made headlines after being discovered in the Google Play store last September.
You can find out more about the malicious Brain Test app, and view some tips about how to better protect your Android device from similar attacks, in the video I have made last year about the incident, and subscribe to my YouTube channel if you wish.
As I said at the time, there has been a long history of Android malware. Much of it has appeared on unofficial third-party sites, but with disturbing regularity malware has also sneaked its way into the official Google Play app store too, lending trojans and adware the undeserved halo of legitimacy.
Of course, the spectre remains that there are likely to be further malicious apps, perhaps created by different developers, still lurking undetected within the official Google Play store.
Found this article interesting? Follow Graham Cluley on Twitter to read more of the exclusive content we post.