Google Play Breached To Hack more than Million Android by Chinese Cybercriminals and Infect more than 1 million Android Users
Google has Employed the Google Digital Bouncer to prevent malicious and infecting Applications out of its App Market Google Play . Well now it has been reported to be breached . The Chinese cybercriminals have come up with smart ways to bypass the Digital bouncer and have been said to infected more than 200,000 Android Devices . The possibility is more than 1 million have been infected by now .
[box ENGINE=”shadow” align=”aligncenter” class=”” width=””][dropcap] ” [/dropcap]The Chinese hacker group is said to have placed its malicious application on the Google Pay Store as a Brain Test app. The application managed to install a backdoor for adding further malware, whilst installing a rootkit, a type of software that situates itself deep in the operating system. On affected Android devices, the rootkit allowed the hackers to ensure that even when the victim deleted the app, it would appear again after reboot . That means those infected have to go through the somewhat complex process of re flashing the device to truly get rid of the malware.[/box]
According to the reports from Checkpoint the hackers are said to have used a combination of very sophisticated techniques to get past the Google Bouncer . The Google Bouncer is the system deployed by Google to prevent distribution of malicious applications from its App Market Google Play .
Google Bouncer is = a sandbox that runs applications in a contained environment to check if they’re doing anything malicious.
The bad code in Brain Test would simply not run whenever the malware detected Google server IP addresses had opened the app.
What’s more, the malicious parts of the Brain Test apps would not run until the hackers initiated attacks from their command and control servers.
Chinese Connection : When the hackers got the app back on the store, using a different developer profile, they used a Baidu tool to obfuscate the code to ensure it’s underlying purpose couldn’t be ascertained by Google machines. Baidu tool indicated the hackers were Chinese, given the language required for using it.
Google noted that the apps had been removed but had no comment on the other findings.