• Hacking News
    • Leaks
    • WikiLeaks
    • Anonymous
  • Tech
    • Android
    • Apple News
    • BlackBerry
    • Google News
    • Microsoft
    • Motorola
    • Nokia
    • Samsung
    • 3D
  • Cyber Crime
    • Phishing Scam
  • How To
  • Cyber Events
    • Censorship
    • Cyber Attacks
  • Security
    • Malware
  • Surveillance
    • Drones
    • NSA
    • Privacy
  • Explore
    • Gaming
    • Science
    • Viral
HackRead
  • December 11th, 2019
  • Home
  • About Us
  • Team
  • Advertise
  • Submit News
  • Privacy Policy
  • Contact Us
HackRead
  • Hacking News
    • Leaks
    • WikiLeaks
    • Anonymous
  • Tech
    • Android
    • Apple News
    • BlackBerry
    • Google News
    • Microsoft
    • Motorola
    • Nokia
    • Samsung
    • 3D
  • Cyber Crime
    • Phishing Scam
  • How To
  • Cyber Events
    • Censorship
    • Cyber Attacks
  • Security
    • Malware
  • Surveillance
    • Drones
    • NSA
    • Privacy
  • Explore
    • Gaming
    • Science
    • Viral
  • Follow us
    • Facebook
    • Twitter
    • Google+
    • Linkedin
    • Youtube
Home » Technology News » Android » Researchers Found 60+ Malware Infected Android Gaming Apps on Play Store

Researchers Found 60+ Malware Infected Android Gaming Apps on Play Store

January 30th, 2016 Uzair Amir Android, Gaming, Malware, Security 0 comments
Researchers Found 60+ Malware Infected Android Gaming Apps on Play Store
Share on FacebookShare on Twitter

For cybercriminals developing an Android malware is a piece of cake and the problem is Google just not care. 

According to Dr.Web’s security researchers, Google’s official Play Store is extremely unreliable because over 60 Android games available on this platform contain Android.Xiny, a malicious Trojan. It was also discovered that around 30 different developers were responsible for uploading these 60+ infected games. However, all the games were so similar in packaging and behavior that these appeared to be uploaded by the same source.

60-android-gaming-apps-on-google-store-available-for-download

60-android-gaming-apps-on-google-store-available-for-download-2

When any of these games were downloaded by users, it resulted in compromising of their personal information, which was then transferred to a remote command and control server. The information collected includes IMEI and IMSI identifiers, mobile operator information, country and language settings, OS version, MAC address of the phone, kind of memory card inserted into the device and the app from where the Trojan was getting all the information.

60-android-gaming-apps-on-google-store-available-for-download-2

It makes sense that the Trojan collects information about the app because it happens when the system is infected with multiple malicious apps. This also highlights another fact that these games could have been developed and deployed on the Play Store by the same bad actor.

The malicious Android.Xiny malware displays ads and also invites other malicious apps on the system after installing itself.

When the data is transferred to the related command and control server, according to the phone specifications of the victim, the malware operator instructs the Trojan to escalate its presence in the device by getting other malicious applications deployed on the system along with displaying ads.

However, this malware doesn’t obtain root privileges yet, it can download and takeoff other applications into execution. It contains such powerful code that is enough to root the device and help the attacker gain more control on the device/system/phone.

Dr.Web’s researchers noticed a strange occurring while investigating this campaign, which was the use of steganography for deploying malicious applications.

Steganography involves hiding data that is easily viewable such as images. The operators of Android.Xiny packed other Android apps inside a PNG image and did not choose to hide its download through HTTPS traffic.

This was done so because not many security researchers conducting reverse engineering would feel suspicious about downloading an image as their focus is usually on observing and attempting to track HTTPS traffic since it is a common avenue for malware distribution.

As of now, Google hasn’t managed to take down these malicious apps infected with Android.Xiny malware.

  • Tags
  • Android
  • gaming
  • Google
  • Google Play Store
  • Malware
  • security
  • Smartphones
Facebook Twitter Google+ LinkedIn Pinterest
Previous article United States' Largest Police Union Servers Hacked, Trove of Data Leaked
Next article Why Dark DDoS Cyber Security Threat Will Grow in 2016
Uzair Amir

Uzair Amir

I am an Electronic Engineer, an Android Game Developer and a Tech writer. I am into music, snooker and my life motto is 'Do my best, so that I can't blame myself for anything.'

Related Posts
Cyber attack cripples networks in city of Pensacola days after shooting

Cyber attack cripples networks in city of Pensacola days after shooting

FBI uses PlayStation to bust large scale drug deal

FBI uses PlayStation to bust large scale drug deal

Fake VPN website delivering password-stealing malware

Fake VPN website delivering password-stealing malware

Newsletter

Get the best stories straight into your inbox!



Don’t worry, we don’t spam

LATEST POSTS
Cyber attack cripples networks in city of Pensacola days after shooting
Cyber Attacks

Cyber attack cripples networks in city of Pensacola days after shooting

35
20 years prison for Romanian hackers who infected 400,000 computers
Cyber Crime

20 years prison for Romanian hackers who infected 400,000 computers

279
FBI uses PlayStation to bust large scale drug deal
Cyber Crime

FBI uses PlayStation to bust large scale drug deal

756
Fake VPN website delivering password-stealing malware
Security

Fake VPN website delivering password-stealing malware

1308

HACKREAD is a News Platform that centers on InfoSec, Cyber Crime, Privacy, Surveillance and Hacking News with full-scale reviews on Social Media Platforms & Technology trends. Founded in 2011, HackRead is based in the United Kingdom.

Follow us