Yesterday, the folks over at Lookout divulged their latest find. 32 applications, mostly Russian language, were found to contain what Lookout calls "BadNews" -- a new piece of code that facilitates easy installation of malware onto users phones who have it installed. They estimate that apps containing BadNews have been installed over 2,000,000 times. While this is but a small drop compared to the hundreds of millions of Android devices and 25+ Billion apps installed from the Play store, it's still quite the eye popping number.
BadNews is disguised as an ad network. Besides serving ads for other less popular apps containing the BadNews code, it has the ability to send some of your private data (including your phone number and IMEI) to a server. It also displays fake news messages about app updates and links to actual malware that a user could install outside Google Play.
The offending applications, distributed across four different developer accounts, have been purged from Google Play. If you think you may have been affected, or are running one of the apps, Lookout's security application can assist in identifying the things you need to remove.
We appreciate a well researched and legitimate look at malware like this news, and don't want it to get buried like the so many FUD stories around the Internet that are speculation with no numbers. For a list of the applications, and a look at how this was discovered, click the source link below. Carry past the break for some further discussion.
Now to talk a bit about how and why this happened, and what users could have done differently to protect themselves. To start with, over 2,000,000 people downloaded an application from Google Play, and said "yes" when asked if they wanted to allow the downloaded application to have access to their phone number. We understand that all the app permissions can be confusing, and that often there are legitimate reasons for apps to request permissions to sensitive information. But we have to be diligent and read those permissions, every time, and pass on the apps we think have requests that sound fishy. While this means that we'll likely have to pass on a few apps that are innocent, it also means we won't have some spammy app sending all our contact data off to some server in the Russian Federation. This is the price of having an open application store, and while Google can come back and remove apps that have gone wild after they are found, we have to practice a little care of our own.
The second one is a no-brainer. If you click an ad banner that promises an update to an app that you downloaded from Google Play, or directs you to download and install any files to your phone, you have to say no. This is why it was a big deal when Facebook decided to go rogue and update their app in an unapproved manner, and why many folks were calling for their heads and removal of their app from Google Play for doing so. If you allow things like this to happen, nobody can help you. This time, these apps would have been detected by a security app like Lookout, but next time they may not. Just Say No.
It's relatively easy to write malicious code and inject it into an application that users want. It's not so easy to distribute it from Google Play, and as a result we see convoluted methods like BadNews to get the job done. Be diligent, be safe, and whenever you're in doubt ask for advice in the forums. We may be bickering between ourselves over whether Samsung or HTC makes the better phone, but we all work together when a friend is in need.
We may earn a commission for purchases using our links. Learn more.
I turned off my phone for a day and it was the best decision I made in 2020
The internet is great and useful for so many things. But a day without it was like a reboot inside me. You should try it.
Review: Dyson Pure Humidify + Cool is an incredible three-in-one system
Dyson's latest product combines a fan, air purifier, and humidifier into a single unit. The Pure Humidify + Cool has a premium design, delivers outstanding performance at both purification and humidification, and is an ideal product for the new work-from-home normal.
Don't delete your Oculus Facebook account if you want to keep your games
Nowadays, your Facebook account is your Oculus account. Make sure you don't delete it if you want to keep your games.
Expand your Galaxy S10 storage with these microSD cards
Instead of spending more on your Galaxy S10 for more internal storage, take advantage of that microSD slot and save with external storage.