A common recommendation that Android users get to avoid the malware that can sneak into your phones is always downloading apps from the official Google Apps market and secondary markets and the installation of inspirational of dubious origin. However, as the malware HummingBad showed in the middle of the year last to the penetrate in the defenses of the giant Internet, this Council has some that another lagoon.
Once the malware generated more than $300,000 in income a month and infected more than 85 million devices, which, at that time, ran versions of Android like KitKat and Jelly Bean. It was also one of the most dangerous malwares de 2016 represented by 72% of the attacks on mobile and in fourth place in the list of Check Point’s “the most dangerous worldwide malware “.
Unfortunately, malware HummingBad is not a thing of the past, since according to the security firm, a new variant, called HummingWhale, has been found in Google Play Store infecting more than 20 applications present in the official Google market.
Applications infected by HummingWhale
Several applications, infected by HummingWhale, have been published under the name of false developers Chinese in the Google app store, according to the report of Check Point. Applications have a structure of common name, com. [Name] .camera (examples include com.bird.sky.whale.camera and com.color.rainbow.camera), but there are also titles with different names.
CheckPoint says that all these applications infected of Google Play Store have in common a file encryption of size of 1.3MB so-called “assets / group.png” and that recalls to one of the files present in the malware HummingBad. Actually this is an APK designed to allow that other applications is download and install in the device Android of the victim of form automatic.
Among the symptoms of this new malware are the usual presence of false ads that using an Android framework, are able to create a false reference ID in order to generate revenue for the attackers.
Currently there are more than 40 applications that are spreading this malware for all Google Play Store. To detect the best that can be done when lowering a certain suspicious app is of course seek information regarding the network, and check the comments from users who have already downloaded the app. However from Check Point warn that confidence in Google Play again in question since there is the possibility of adding fraudulent scores that could mislead potential victims.
Malware HummingBad item reappears in Google Play Store in the form of HummingWhale was published in MovilZona.