The malicious software was downloaded by installing car game apps via Google Play
Half a million Android users install malware via Google's app store
Have an Android phone? Like playing driving games on your device? Well, then you may have been exposed to malware. Thirteen gaming apps have been deleted from the Google Play store after they inserted malware into the phones of people who downloaded them.
According to TechCrunch, the apps were downloaded around 570,000 times before they were pulled from the store.
People who downloaded the truck or car driving games then found the app to be buggy, crashing upon opening.
Meanwhile, in the background, the app was downloading a payload (aka, the portion of a virus that actually performs the malicious action) from another domain, which was, according to Tech Crunch, registered to an app developer in Istanbul. Plus, the app's icon was automatically deleted from the phone.
Malware researcher Lukas Stefanko tweeted a warning about the apps while they were still available on the store:
What exactly the malware wanted to achieve is still unclear - but what tech experts have figured out is that the malware would launch every time the infected phone or tablet was launched, and that it had full access to the phone user's private information. Basically, it was pretty powerful and pervasive.
While 500,000 people is a huge number, and one of the largest breaches Google has ever experienced; in terms of app numbers, these 13 'games' are just a drop in the ocean: Google pulled more than 700,000 malicious apps from its Play store last year alone.