Google Play Store has been under attack from malware that comes disguised as a game.
The attack took place on two separate occasions within a single month, August 2015. The worrying part is that users downloaded the malware between 100,000 and 500,000 times, which means that up to 1 million devices could be infected. The app is named Brain Test, and it looks harmless enough until you download it to your device.
Currently, the malware pushes ads to the devices whose owners have downloaded it. Researchers, however, believe that the malware is more advanced than it appears and that the app is doing much damage in the background. The malware has been effective at using different tricks to bypass Google Bouncer, the vetting system that Google introduced for all apps.
Root Access of Android Devices
The malware can gain root access to your device without much difficulty by taking advantage of privilege escalation exploits. Identifying and removing the malware is a tedious task, given how persistently it works to avoid detection. The malware is also quite aggressive in pushing advertisements that appear on the screen unexpectedly and without the user’s consent.
Features Unwanted Ads
The malware makes unwanted ads appear on the screen at any time. Its sophisticated framework means that it is not far from gaining complete control over any device on which a user installs it. Because the app operates silently, it is impossible to detect unless your device has up-to-date and highly effective antimalware software installed.
Re-Flashing the Device
If you were among the people who installed Brain Test on their devices, the only option is to re-flash the device, for which you need an official ROM. The malware is persistent because it installs additional apps to ensure that nobody can completely delete it from a device. If you delete the malware, an additional app reinstalls it within a short time, rendering your efforts useless.
When the malware first gained entry into Google Play Store, users might have believed that the breach would not occur a second time. Less than a month later, the author succeeded in getting the malware into Play Store again. He succeeded with the help of Packer, a tool that Baidu makes. With the Packer tool, the author was able to do the following:
- Obfuscate specific code
- Prevent and avoid proper analysis
- Frustrate reverse-engineering efforts
Therefore, do not install Brain Test.