A new strain of Android malware was discovered by LookOut Security. It infected millions of Android running devices globally. The manifestation is a Russian-looking clone apps now spreading fast online.

"According to Google Play Statistics, the combined affected applications have been downloaded between 2,000,000 - 9,000,000 times. We notified Google and they promptly removed all apps and suspended the associated developer accounts pending further investigation. All LookOut users are protected against this threat," read the announcement from the LookOut blog site.

BadNews is the new malware family with 32 applications in four different developed accounts in Google Play Store. It poses as an ad network but is truly a malicious distribution network to push malware into infected devices in order to penetrate security.

BadNews malware can send fake news messages, prompt users to install applications and send sensitive information such as phone number, device details and others directed to the developer's command centre. One of the apps being pushed is the AlphaSMS, a premium rate SMS fraud malware to infect other devices.

This new malware reflected the significant advancement of mobile malware for it to achieve the distribution of infection on a wide scale. Here are some details how Badnews work:

  • After activation, BadNews polls its server every four hours for new instructions while pushing several sensitive information including phone number and IMEI.
  • The server replies and instructs BadNews what to do next. Users will receive fake news and prompts installation of a downloaded app payload.
  • Updates will be implied as available, including popular apps such as Skype.
  • Free downloadable software would tease users to obtain them but the result is it causes fraudulent charges.
  • APK of famous names such as "skype_installer.apk" attempts to ask permission request from users.

How to Prevent from Being Infected

  • Uncheck the "Unknown Sources" in the Android system settings to protect your device from installing applications outside Google Play Store or from USB connection.
  • Make sure to have only trusted security software installed on your device such as LookOut Security to shield it from malware.