Malware-infected apps sneak into Google Play, leave Android devices wide open for attacks

The legend of vikings who siege settlements to loot their goods and set them ablaze is alive and well in the latest Android malware scenario. Apparently, not only do they still exist, but they also strike dangerously close to home. In April, researchers from 'Checkpoint' investigated a malware campaign in which a horde of malicious apps somehow breached the Google Play store's gates and attacked unsuspecting Android phones. Some of them even climbed to the top ranks with their large volume of downloads, before users started sensing there's something wrong with them and lowered their rankings.

The apps 'Viking Jump', 'WiFi Plus', 'Parrot Copter', 'Memory Booster', and 'Simple 2048' contain malicious components that begin their activity post their initial launch. Two binaries named like Android system files are installed on the storage, with one used for exchanging information between the malware's parts, and the other keeping a list of all its components. The virus checks for root permissions, and if your device is rooted, two additional components are installed for the attackers' purposes. Regardless of whether you have root access or not, the malware will connect to its command and control server, sending the device's battery charge, type of data connection, and phone number.

Download top-ranked app, get infected. No extra in-app purchases required!

Finally, the server opens a proxy connection capable of sending and receiving information between server and device according to the hacker's whim. In this campaign's case, devices are hijacked to simulate clicks on online advertisements and generate profit. Some of the applications also send premium SMS messages, and the proxy allows for DDoS attacks, spamming, and remote code execution. Your device pretty much becomes the hacker's puppet.

Checkpoint Security traced 44% of the infections to Russia, which is explained by the prevalence of Android 4.4 in the country. Later operating system versions (Lollipop and Marshmallow) have stricter permissions control, thus the malware which relies on very suspicious permission sets is less likely to get past observant users. Alas, the researchers haven't made recommendation about anything you could do in the event of infection. Hopefully, a decent antivirus app will be able to bring things back in order.

Also read:

Grab the Pixel 10 at Mint Mobile for $450 off

$349

$799

$450 off (56%)

Mint Mobile now sells the Google Pixel 10 with a massive $450 discount. The promo is available on select color variants with 128GB of storage. You also get a 12-month unlimited data plan for $180 instead of $360.

Buy at Mint Mobile

Pixel 10 Pro: now $475 off at Mint

$524

$999

$475 off (48%)

Grab the pro-grade, compact Pixel 10 Pro at Mint Mobile with a 12-month unlimited plan, and you can save a huge $475. The data plan comes with a discount, too: 50% off, to be exact.

Buy at Mint Mobile

The Pixel 10 Pro XL is $700 off at Mint right now

$499

$1199

$700 off (58%)

The high-end Gemini AI-enhanced Pixel 10 Pro XL is now available with a mind-blowing discount. You can now save $700 on the phone, plus 50% off unlimited 12-month plans.

Buy at Mint Mobile

The Pixel 10 Pro Fold is now $400 off

$1399

$1799

$400 off (22%)

The foldable Pixel 10 Pro Fold is another standout holiday offer. Right now, you can get the device for $400 off at Mint Mobile. On top of that, you save $180 on 12-month unlimited data plans.

Buy at Mint Mobile