An Android app managed to infect around 1 million of its users platformς. Η εφαρμογή διατίθεται από το Play Store της Google and as researchers report it is almost impossible to uninstall. It's called Brain Test and it's a simple IQ test tool, and it contains a combination of malware.
Σύμφωνα με την ερευνητική ομάδα της Check Point, η εφαρμογή εντοπίστηκε μέσω του συστήματος preventionς απειλών της εταιρείας, για πρώτη φορά σε μια device Nexus 5.
Because his owner, after receiving the malware notification, failed to uninstall the malicious application, Check Point decided to take a closer look at the source of the infection.
So with reverse-engineering in the Brain Test application, researchers discovered a well-designed malware that allowed attackers to install third-party applications on the victim's phone after they had access to the root of the device.
Searching for more, the researchers discovered a complex system that allowed malware to avoid Google's Bouncer tracking an automated system to control apps that go to the Google Play Store.
So the Brain Test found its way to the devices of its victims. The application ran a time bomb every time the user opened it for the first time.
This function ran after a delay of 20 seconds, once every 2 hours, and slowly downloaded and decompressed the necessary code to acquire the same root rights on the victim's device. .
As soon as it was able to get root, the Brain Test application could install another application, brother.apk, which checked if the first one was running properly, if it was removed by the user, it installed it again.
