Languagesx
English Deutsch
Subscribe
Home 22 SMS Malware Apps Reach Android Market, Removed by Google

22 SMS Malware Apps Reach Android Market, Removed by Google

Android malware continues to evolve. The latest batch takes a two-pronged attack at users susceptible to downloading free games and can end costing victims a lot of money. Lookout Mobile Security reports that these apps, dubbed RuFraud, are pirated clones or add-ons of popular games and other apps designed to send premium SMS messages without users consent.

This is not the first time we have seen pirated apps deliver Android malware. Nor is it the first time that the tactic of sending premium SMS messages has been used by malicious coders.

Lookout informed Google of nine RuFraud apps in the last week, all of which were removed by Google from the Android Market. Overnight, the malware makers posted another 13 apps that have also been pulled.

Basically, these apps have hidden terms of service and obscure permissions that trick the user into downloading a version of a popular game for free that will have the SMS access permission hidden in the code. Lookout says that the apps affected European users and did not affect North American users. The malicious apps know where a user is based off their SIM cards.

Sophos Security notes that the hackers also use what could be seen as Black Hat SEO tactics but on an application store level. Essentially, the games are pirated versions that many users know and trust. For instance, the cloned games are named Angry Birds FREE, Cut the Rope FREE, Great Little War Game FREE etc. The publisher, according to Sophos’s Naked Security blog is named Logastrod and made “trojanized” verions of the apps. Here is a screen shot from Naked Security about the permissions one of the apps requesting.

Estimates on downloads of these apps range from 10,000 (Sophos) to 14,000 (Lookout). Sophos notes that these types of apps easily get through to the Android Market because the cost of becoming a developer in the Android Market is less than what a malicious hacker could make by putting these apps in the wild, even if they were only available for a short amount of time.

The nasty bit about these apps are how the malicious links are buried inside the ToS. It is hard to tell if an app is malicious at first glance because on permissions but it is always best to be safe and check an apps permissions before downloading it. Why does Cut the Rope need SMS permission?

About ReadWrite’s Editorial Process

The ReadWrite Editorial policy involves closely monitoring the tech industry for major developments, new product launches, AI breakthroughs, video game releases and other newsworthy events. Editors assign relevant stories to staff writers or freelance contributors with expertise in each particular topic area. Before publication, articles go through a rigorous round of editing for accuracy, clarity, and to ensure adherence to ReadWrite's style guidelines.

tags

Related News

iPhone on a black background with a red "X"
Apple pulls WhatsApp and Threads from China’s app store
Brian-Damien Morgan
Google could launch Find My Device network in early April. A hand holding a smartphone with the Google logo magnifying glass icon overlaid on a background of concentric circles in Google's colors.
Google could launch Find My Device network in early April
Suswati Basu
Google may have fixed its Pixel scrolling issue. A smartphone displaying the Chrome logo with a graphic of a hand pointing to a downward arrow, symbolizing a scrolling action, on a vibrant Google-colored background.
Google may have fixed its Pixel scrolling issue
Suswati Basu
Apple Settles lawsuit
Apple settles lawsuit over CEO China comments
Charlotte Colombo
An illustration depicting a generic smartphone displaying a browser and various app icons, set against the backdrop of the European Union flag, symbolizing regulatory compliance and technological integration within the EU.
Apple to allow users to uninstall Safari on EU iPhones, embracing Digital Markets Act
Maxwell Nelson

Most Popular Tech Stories

Latest News

Release of Prison Architect 2 has been further delayed to September 2024
Gaming

Prison Architect 2 delayed again, this time to September
Graeme Hanna5 hours

A second delay has been confirmed for Prison Architect 2, less than a month before the expected launch date. The game is now expected to launch on Sept. 3. The...

Popular TopicsArrow right.svg

AI
AI
AR / VR
AR / VR
Cryptocurrency
Cryptocurrency
Gaming
Gaming
Smartphone
Smartphone
Gambling
Gambling
Wearables
Wearables
Web
Web

Get the biggest tech headlines of the day delivered to your inbox

    By signing up, you agree to our Terms and Privacy Policy. Unsubscribe anytime.

    Tech News

    Explore the latest in tech with our Tech News. We cut through the noise for concise, relevant updates, keeping you informed about the rapidly evolving tech landscape with curated content that separates signal from noise.

    In-Depth Tech Stories

    Explore tech impact in In-Depth Stories. Narrative data journalism offers comprehensive analyses, revealing stories behind data. Understand industry trends for a deeper perspective on tech's intricate relationships with society.

    Expert Reviews

    Empower decisions with Expert Reviews, merging industry expertise and insightful analysis. Delve into tech intricacies, get the best deals, and stay ahead with our trustworthy guide to navigating the ever-changing tech market.