ArsTechnica reports that Google has pulled 13 malicious apps from the Play store after they were found to make unauthorized downloads. The apps (listed below) are particularly dangerous in that they attempt to gain root privileges that would allow them to remain installed even after a factory reset.
The malware used a clever technique to make the apps appear safe, giving them high download numbers and positive ratings.
The apps are capable of using compromised devices to download and positively review other malicious apps in the Play store by the same authors. This helps increase the download figures in the Play Store.
Although the family of malware known as Brain Test has been around for a while, affected apps have previously only been found in third-party app stores. This is the first time Brain test apps have been found in the Google Play store …
At the time they were detected, the apps weren’t doing anything more than downloading and rating other Brain Test apps, but a simple change in the code running on a server accessed by the apps would allow them to be used for a wide variety of other fraudulent purposes.
The good news is that the apps are only likely to have succeeded in gaining root access if your device has been rooted. The bad news is that, if it has, the only sure way to remove the malware is to back up your device and then reflash the ROM.
Full details can be found on the Lookout blog. These are the affected apps:
What was described as the worst Android vulnerability ever was discovered last summer, with manufacturers subsequently issuing patches against it. Most malware, however, has been found only in third-party app stores.
Qualcomm hopes that the Smart Protect feature built into its Snapdragon 820 chip will help to block malware.