Bad apps: Hackers target Android phones

Victims in more than 20 countries installed the malware when they tried to download applications that were disguised as legitimate. Those included apps such as “Sex Cademy” and “Kiss Browser,” popular games like “2048,” and basic functions like the “calculator” application.

“The attacker uploads the apps to third-party app stores and promotes the download links via websites and in-app ads,” FireEye reported. “On the initial launch, Kemoge collects device information and uploads it to the ad server, then it pervasively serves ads from the background.”

As a result, “Victims see ad banners periodically regardless of the current activity (ads even pop up when the user stays on the Android home screen).”

The researchers said the problem worsens over time. “Initially Kemoge is just annoying, but it soon turns evil.” Specifically, it seeks to uninstall legitimate applications and prompt a complete infestation by malicious ones.

The bottom line, according to the report’s authors: “This is another malicious adware family, possibly written by Chinese developers or controlled by Chinese hackers, spreading on a global scale that represents a significant threat.”

The malware is still running rampant, and the authors note that it has infected phones used by government officials around the world. The only continent where it has yet to be reported is Australia.

To prevent installing malicious software, Android users are advised not to click on suspicious links in e-mails, SMS messages, or websites, and not to install applications outside of official app stores.

Related Story: http://www.washingtonexaminer.com/article/2571191

The report comes just over a month after the discovery that 226,000 jailbroken iPhones around the world had also been compromised by Chinese hackers. In a separate November 2014 incident dubbed “Masque Attack,” FireEye reported that a similar attack out of China had also targeted iPhones using fake applications.