• Hacking News
    • Leaks
    • WikiLeaks
    • Anonymous
  • Tech
    • Android
    • Apple News
    • BlackBerry
    • Google News
    • Microsoft
    • Motorola
    • Nokia
    • Samsung
    • 3D
  • Cyber Crime
    • Phishing Scam
  • How To
  • Cyber Events
    • Censorship
    • Cyber Attacks
  • Security
    • Malware
  • Surveillance
    • Drones
    • NSA
    • Privacy
  • Explore
    • Gaming
    • Science
    • Viral
HackRead
  • December 11th, 2019
  • Home
  • About Us
  • Team
  • Advertise
  • Submit News
  • Privacy Policy
  • Contact Us
HackRead
  • Hacking News
    • Leaks
    • WikiLeaks
    • Anonymous
  • Tech
    • Android
    • Apple News
    • BlackBerry
    • Google News
    • Microsoft
    • Motorola
    • Nokia
    • Samsung
    • 3D
  • Cyber Crime
    • Phishing Scam
  • How To
  • Cyber Events
    • Censorship
    • Cyber Attacks
  • Security
    • Malware
  • Surveillance
    • Drones
    • NSA
    • Privacy
  • Explore
    • Gaming
    • Science
    • Viral
  • Follow us
    • Facebook
    • Twitter
    • Google+
    • Linkedin
    • Youtube
Home » Security » Malware » Beware of Fake Apps: Google Deletes Fake BatteryBot Pro Malware App

Beware of Fake Apps: Google Deletes Fake BatteryBot Pro Malware App

July 11th, 2015 Farzan Hussain Malware 0 comments
Beware of Fake Apps: Google Deletes Fake BatteryBot Pro Malware App
Share on FacebookShare on Twitter

Last week we reported hackers are developing Android malware every 17 seconds, making it one of the most vulnerable OS ever.

Now a spoofed copy of the popular app named as “BatteryBot Pro” requested unnecessary permissions from the user during installation in an attempt to get full control over the user’s Android device, a researcher found out.

The app is alleged to imitate the functionalities of the authentic app and possess hidden ad-fraud activity, the app has recently been removed by Google from their official Android Play Store.

[must url=”https://www.hackread.com/android-apps-are-malware-security/”]Report reveals 1 in every 5 Android Apps is Malware[/must]

batterybot-pro-is-a-malicious-app-cant-be-uninstalled

Image Source: Zscaler

For those of you who don’t know, BatteryBot Pro is a genuine battery monitoring app that already exists in the Android app store which offers its users to check detailed information related to their smartphone’s battery like its temperature, voltage, health, current information in mA, and other useful data.

An unknown hacker decided to copy the original app’s functionalities while implementing irremovable malware, but thanks to a researcher named Shivang Desai who reported the app to Google and spoiled the developer’s vision of hacking Android devices.

The package of this app was named “com.polaris.BatteryIndicatorPro.”

The developers behind this app were trying to infect enough devices so that they can generate profit through ad click fraud and premium short messaging service (SMS) fraud. Apart from that, the app is precisely designed to download and install additional malicious Android APKs without the user’s permission. In addition to the hidden downloading of apps, the malware app also displays pop-up advertisements to the user.

“This malware was not only built with the purpose of displaying ads, it was also designed with more evil intentions,” Desai said.

Installation of Malware App

When installing the malicious app, it requested lots of more permissions as compared to the original app, some were normal but other were troublesome which included the permission to access the Internet, mount and unmount file system, send SMS messages, disable keyguard, get user account information, download without notification, and initiate outgoing calls.

After installation of the malicious app, the researcher found out that the malicious app “demanded administrative access,” which indicates that the objective of developer is “to obtain full control access of the victim’s device.”

Execution of Click Fraud and Ad Fraud Activities

But once the permission is granted by the victim, the malware app will provide exactly the same functionality of the original BatteryBot Pro app but continues to execute malicious activity in the background.

Apart from the execution of malicious activity the app also tried to download various advertisement libraries which carry a click fraud campaign, the security researcher found out.

batterybot-pro-is-a-malicious-app-cant-be-uninstalled-2

Image Source: Zscaler

“Some of these URLs were hard coded in the app and some were sent by the remote server.” – Shivang Desai, Zscaler Security Researcher.

[must url=”https://www.hackread.com/flashlight-apps-stealing-your-personal-information/”]Flashlight Apps Stealing Personal Information Stored On Your Smartphone[/must]

The malware app also tried to pull some personal information from the device, including cell phone operator, availability of SIM card, IMEI number, language, cell phone model, location and available device memory.

Then depending on the collected parameters, the malware app begins to receive the list of advertisements to be displayed on the device along with the URL from where the ads will be fetched.

Unable to Uninstall Malware App

Apart from the execution of click fraud and ad fraud activities, the app is explicitly designed so that it once installed can never be uninstalled again, at least by the novice user. The app run with administrative rights so that the user cannot remove it.

According to the researcher who tried to uninstall this malicious app,

“While in some of the scenarios we were able to manually delete the app, the malware authors have taken care of ensure persistence. The malware silently installs an app with a package name of com.nb.superuser, which runs as a different thread and resides on the device even if the app is forcefully deleted.”

[q]Don’t download apps from 3rd party[/q]

“A few traces of command execution were also seen in the app but were not fully implemented,” said Shivang Desai, the researcher at Zscaler. “Perhaps the developer is working on an upgraded version of the malware with proper ‘command-execution’ functionality,” Desai further added.

Report typos and corrections to admin@hackread.com

[src src=”source” url=”http://research.zscaler.com/2015/07/fake-batterybotpro-clickfraud-adfruad.html”]Zscaler[/src]

  • Tags
  • Android
  • APPS
  • Malware
  • security
  • Smartphones
Facebook Twitter Google+ LinkedIn Pinterest
Previous article Obama's Election Campaign Social Network Domain Hacked by Yemeni Hacker
Next article Beware: Hackers Target Users with Adobe Phishing Scam
Farzan Hussain

Farzan Hussain

I am Mohammad Farzan! A technology and gadget enthusiast as well as a creative content writer with over six years of experience in writing engaging content. You will mostly find me writing occasional blog posts, designing websites, capturing photos, social networking and listening to music.

Related Posts
Fake VPN website delivering password-stealing malware

Fake VPN website delivering password-stealing malware

Botnet found using YouTube to illegally mine cryptocurrency

Botnet found using YouTube to illegally mine cryptocurrency

Ginp Android trojan targets banking apps & threatens 2FA/SMS

Ginp Android trojan targets banking apps & threatens 2FA/SMS

Newsletter

Get the best stories straight into your inbox!



Don’t worry, we don’t spam

LATEST POSTS
2.7 billion email addresses & plain-text passwords exposed online
Leaks

2.7 billion email addresses & plain-text passwords exposed online

913
Cyber attack cripples networks in city of Pensacola days after shooting
Cyber Attacks

Cyber attack cripples networks in city of Pensacola days after shooting

633
20 years prison for Romanian hackers who infected 400,000 computers
Cyber Crime

20 years prison for Romanian hackers who infected 400,000 computers

723
FBI uses PlayStation to bust large scale drug deal
Cyber Crime

FBI uses PlayStation to bust large scale drug deal

974

HACKREAD is a News Platform that centers on InfoSec, Cyber Crime, Privacy, Surveillance and Hacking News with full-scale reviews on Social Media Platforms & Technology trends. Founded in 2011, HackRead is based in the United Kingdom.

Follow us