An Android app has managed to infect about 1 million users of the platform. The app is available from Google's Play Store, and researchers say it is almost impossible to uninstall. It is called Brain Test; it presents itself as a simple IQ-testing tool and contains a combination of malware.
According to Check Point's research team, the application was first detected by the company's threat prevention system on a Nexus 5 device.
Because the device's owner, after receiving the malware notification, failed to uninstall the malicious application, Check Point decided to take a closer look at the source of the infection.
By reverse-engineering the Brain Test application, researchers discovered a well-designed piece of malware that allowed attackers to install third-party applications on the victim's phone once they had root access to the device.
Looking even further into the matter, researchers discovered a complex system that allowed the malware to evade detection by Google's Bouncer, the automated system that checks apps uploaded to the Google Play Store.
That is how Brain Test found its way onto its victims' devices. The application started a time bomb when the user opened it for the first time.
This function ran after a delay of 20 seconds, once every 2 hours, and slowly downloaded and decompressed the code needed to acquire root rights on the victim's device.
As soon as it was able to get root, the Brain Test application could install another application, brother.apk, which checked whether the first one was running properly; if the user had removed it, brother.apk installed it again.