Published on April 23rd, 20130
BadNews Bug Hits Android App Store
32 apps on the Google Play Store have been identified as being infected by the Russian BadNews bug. The bug stole money from infected phones by sending premium rate text messages, racking up expensive charges. BadNews lay dormant on devices for weeks to avoid detection and targeted recipe generator apps, wall paper apps and games mainly.
The BadNews bug infected 32 apps which were built by 4 separate developer accounts. These accounts have now been suspended and the apps removed from the Google Play Store immediately. Unfortunately the bug remained undetected for a number of weeks as it used many different tactics to avoid detection. The bug sent users information about other infected apps and prompted them to download other programmes. This deception ended when BadNews got a prompt from one of the three command and control servers and started installing a more malicious programme called AlphaSMS. This programme steal credit from users by sending texts to premium rate numbers, leaving users with huge bills and empty pockets.
The bug was included by developers into the code for their own apps as it seemed like a good way for them to monetize their creations however they did not realise the repercussions of this or that this was in fact a malicious bug. Half of the 32 apps infected with BadNews are Russian and the version of AlphaSMS it installed is tuned to use premium rate numbers in Russia, Ukraine, Belarus, Armenia and Kazakhstan.
Photo by: eleZeta/Flickr