A popular Android app has put up to one million smartphone and tablet users at risk after hackers, suspected to be from China, used malicious software to breach Google Play security. Security firm Check Point found that the intelligence-testing Brain Test app contained the malware.
The malware, which was first discovered on a Nexus 5 smartphone, is described by Check Point as having a new level of sophistication and as demonstrating the growing threat of mobile malware. The malicious software works by establishing what is known as a rootkit on the device, allowing it to download and execute any code a cybercriminal might want to run – such as unwanted advertisements or potentially even code that would allow criminals to steal a user's credentials.
"This attack highlights how sophisticated that mobile malware is becoming," Michael Shaulov, head of mobility at Check Point, commented to IBTimes UK. "Not only are hackers developing variants that evade detection by Google's own security measures in the Play store, but they are also creating malware that can sidestep security on smartphones to embed itself into devices, enabling data theft and loss."
Shaulov called on businesses and the wider public to ensure that they give mobile device security the same priority as they do with their PCs and laptops. Users concerned about the malware have been advised by Check Point to install up-to-date anti-malware software on their devices.
Check Point's discovery comes within days of news that Apple has fallen victim to the first large-scale attack on its App Store.
Hundreds of apps used predominantly by iPhone and iPad owners in China were reportedly affected, and at the time of publication Apple is yet to issue instructions to users who may have downloaded the infected apps. An official list of the apps is also yet to be released.
According to security firm Palo Alto Networks, the scale of the attack is like nothing Apple has experienced before: "We believe [the infected program] is a very harmful and dangerous malware that has bypassed Apple's code review and made unprecedented attacks on the iOS ecosystem."