A new malware campaign has been seen on the Android platform according to a new report by well-known security firm Check Point. In the report by the security firm, over 1 million Android devices have apparently been affected and the new malware is being dubbed as the Googlian. The malware is working at a rate of 13,000 devices per day, apparently.
The malware is said to be targeting vulnerabilities which are seen on the Android version 4 and 5, which include the Jelly Bean, Kit Kat, and Marshmallow ranges. The malware is known to be spreading some legit apps which are available on various third party app stores for the Android platform. Most third party app stores are popular in Asia and it is not surprising that most of the infections are being noticed there.
The malware works by utilizing well-known flaws in the Linux kernel which allow the malware to take control of the device once one installs a malicious app on their device. After being installed, the malware will then compromise the authorisation token of Google, and thereby gaining better control of the device’s Google accounts which include Photos, Drive, and Gmail. Google says that the malware is not taking any personal information, and truly when the Android Security team performed scans on the malware there was no evidence of data theft or any fraudulent use.
Googlian Increasing The App Rankings
However, the authors of the malware seem to be concentrating on increasing the app rankings on the play stores for Android. The app installs apps on devices and gives them five-star rankings, and since the malware is affecting more than a million devices, the app will get a significant boost from the ratings and reviews it receives from the malware. This is not the first time that a malware has been used to boost app rankings.
Last year, a family of malware was using the same technique before Google found out about it and removed the family of malware which was called, Brain Test. Google has been scanning for malicious apps periodically, but since the apps that Googlian promotes are not malicious, it’s hard to detect the malware.
All Android users have to make sure that they are running the latest operating system from Google to be sure that their device is not affected, therefore there is nothing to worry about.