An Android app managed to infect about 1 million users of the platform. The app is distributed through Google's Play Store and, as the researchers report, is almost impossible to uninstall. It is called Brain Test and is a simple IQ-testing tool that contains a combination of malware.
According to Check Point's research team, the app was first detected by the company's threat prevention system on a Nexus 5 device.
Because its owner, after receiving the malware notice, failed to uninstall the malicious application, Check Point decided to take a closer look at the source of the infection.
By reverse-engineering the Brain Test app, the researchers discovered very well-designed malware that allowed attackers to install third-party apps on the victim's phone after first obtaining root access to the device.
Digging further, the researchers discovered a complex system that allowed the malware to avoid detection by Google's Bouncer, an automated system that checks apps going to the Google Play Store.
That is how Brain Test found its way onto its victims' devices. The app started a time bomb function when the user opened it for the first time.
This function ran after a delay of 20 seconds, once every 2 hours, and slowly downloaded and decompressed the code needed to acquire root rights on the victim's device.
As soon as it was able to get root, the Brain Test application could install another application, brother.apk, which checked whether the first one was running properly; if the user had removed it, brother.apk installed it again.