There’s a new malware that has been found on the Google Play Store, no root required.
A new variant of the HummingBad malware, going by the name HummingWhale, has been found on the Google Play Store. Check Point states that they have so far found the malware on 20 apps within the official store.
The malware has been uploaded to the Google Play Store utilizing fake Chinese developer names. Attackers have been able to bypass Google Play’s security measures through a pretty ingenious method. The malware utilizes an android plugin, which allows the malware to download and install further apps onto the device, however, it uploads these apps to virtual machine. By loading these apps onto a virtual machine, the malware does not have to gain root access to the actual device, and this malicious activity is not recognized by Google Play.
What is in it for the attackers? Income. As yet, the malware is currently installing other apps, generating increased number of app installs, as well as generating fake ratings and comments on those apps. Add fraudulent ad activity to the malware and this could prove to be quite profitable to the attackers.
We can count on one thing in the mobile tech world, and that is the truth that attackers shall not sat idle when there are opportunities for illegal gain. In this world where new attacks arrive with regularity, I will only trust my most important device from a company which places security as their top offering and that company is BlackBerry.