It has been a tough month for Internet security, especially regarding mobile devices. Not only was there a massive malware threat on approximately a quarter of a million Apple iPhone devices, but Android devices have also been experiencing a gaping security hole.
Check Point, a staunch competitor and leader in the security appliance market, released a post just yesterday that explained the Android security problem in great depth. The malware is installed on Android devices via an app called Brain Test, which serves as the malicious code’s distribution system. But just how many users were affected by this nefarious application? There isn’t enough accurate data to show the exact numbers, but it seems that anywhere between 200,000 and 1 million Android users were affected.
Check Point reported that the application utilized sophisticated techniques to circumvent malware detection by the Google Play store, and the code gives an attacker a ridiculous amount of control over an infected Android device. After a user has downloaded and installed the app, an attacker has the ability to install rootkit programs and then download, install, and run any malicious code they so desire on the targeted device. By using a series of privilege escalation techniques, Brain Test installs its malicious code as a background system process that would look like a perfectly normal and legitimate operation to the vast majority of users. Furthermore, it is incredibly difficult to uninstall. Portions of the code in the malware monitor uninstall procedures, and if they detect a user trying to uninstall the code, they simply reinstall it, much like a zombie.
The largest threat to Android users who installed the app is its persistence. It seems that the application serves as a method for attackers to get their foot in the door. The app has been found to download and install additional malware and infected apps, which creates a snowball effect. Things can get out of hand pretty quickly, and there’s no telling what programs the application will install without a user’s permission because it is incredibly difficult, if not impossible, to reverse engineer.
Google has removed the app from the Google Play store two times already, but there are still many users who are unaware of how dangerous this application is. Even though it is not available in the Google Play store, the code is still lurking on many users’ mobile devices because they either don’t know it is there or they are failing to properly uninstall it. Unfortunately, Check Point reported that the only way to remove the malware is to flash your phone, which is a huge pain.
If you are aware that you have downloaded this app in the past, you need to flash your phone as soon as possible. Your personal information could very well be at risk. From text messages to financial data, you have no way of knowing where your personal information will end up if you have used Brain Test.
To help protect your privacy on Android, we strongly advise you to get a VPN specifically for your Android phone.