Google Android users and the app store were hit with a BadNews Bug yesterday. Security technicians found 32 apps on Google Play that harbored the bug.
A BadNews Bug typically steals a user's cash by racking up charges from sending premium rate text messages. The security firm Lookout uncovered the malware and said it had lain dormant in users' phone for weeks before becoming active. The 32 apps were available through four separate developer accounts on Google Play.
The bug targeted people in Russia, Ukraine, Belarus and other countries in eastern Europe. The bug was placed inside recipe generators, wallpaper apps, games and pornographic apps.
Lookout said the bug appeared to look like an "innocent, if somewhat aggressive, advertising network".
The bug became active when it pushed a malicious program called AlphaSMS. This program was labeled as an essential update for either Skype or Russian social network Vkontakte. It then stole credit by sending text messages to premium rate numbers that charge for each text sent.
According to Google Play statistics, the combined affected applications have been downloaded between 2,000,000 - 9,000,000 times.
*"It is not clear whether some or all of these apps were launched with the explicit intent of hosting BadNews or whether legitimate developers were duped into installing a malicious advertising network," Lookout wrote in a blog post.
"However, based on our analysis of the backend code behind a number of these purported ad networks there is little doubt that BadNews is a fraudulent monetisation SDK. Further, it is clear that a substantial amount of code in BadNews has previously appeared in other families associated with Eastern European toll fraud."*
Google has now suspended those accounts and removed all the affected apps from its online store. NQ Mobile reported earlier this week that mobile malware jumped 163 percent in 2012.
Users should always be wary of such bugs. Lookout advises Google Android users make sure the Android system setting 'Unknown sources' is unchecked to prevent dropped or drive-by-download app installs. They should also download a mobile security app that protects against malware.