Six cybersecurity firms came together today to announce that they successfully took down a network of apps that turned Android smartphones into cyber weapons.
Mashable reports that the malware, called WireX, was hidden in about 300 apps available for download in the Google Play Store. While they appeared to be pretty unassuming ringtones and video-playing apps, the programs were actually using smartphones to attack websites via a complex botnet intended to fake internet traffic and overload websites.
According to security site KrebsOnSecurity, the attack reached about 70,000 phones. However, Mashable notes that the number could be much, much higher. The site also notes that Google has been working to remove the malicious apps from the store and has already started the long process of pulling each one it can find.
Gary Davis, chief consumer security evangelist at McAfee, explains that Google’s security breach puts many people at continued risk, since so many different phone manufacturers and service carriers use the platform. Because of that scope, it’s difficult to offer consistent security updates across the board. Experts found WireX earlier this month and it’s taken until now to get a hold of it.
“Seventy thousand was a safe bet,” Chad Seaman, a senior engineer at Akamai told KrebsOnSecurity. “We saw attacks coming from infected devices in over 100 countries. It was coming from everywhere.”
Davis also fears that WireX will set precedent for new attacks, since hackers now know that hiding their malicious code in safe-looking apps is an easy way to spread their software.
“The growth in mobile has made it a lucrative target for the bad guys,” Davis added. “We expect to see more of these attacks and other types of attacks in the future as cyber criminals continue to realize success.”
Experts say that an easy way to see if an app is legitimate or not is to check out its reviews. If anything there seems off, like tons of reviews that seem like they were written by robots or no reviews at all, it’s best to stay away. They also note that this is only the beginning: This sort of cyber attack is only in its nascent stages and could grow to be more problematic in the future.
Click HERE to read more from Refinery29