'Super Free Music Player' App Spreads Malware onto Thousands of Android Devices
Malware found on mobile apps is a continually growing issue, especially among Android devices that may obtain apps from 3rd party sources and the Google Play Store. In the recent events of discovering malware-laden apps, we look no further than the Google Play Store at the app called Super Free Music Player, which has spread malware onto upwards of 10,000 Android devices thus far.
Computer security researcher Rowland Yu, from SophosLabs, identified the malware spread through the Super Free Music Player app as being sophisticated enough to evade detection by Google, which leads to the app ending up on the Google Play Store circulated to thousands of users. Through the use of dynamic code loading, time bombs, and domain or IP mapping, the Super Free Music Player app malware can download encrypted payloads from remote websites which may further infect an affected Android device.
The malware ported onto Android devices from the malicious Super Free Music Player app may relinquish a device's model data, manufacturer, country, language, installed app list, SDK version, and potentially other personal information. It is suspected that one of the malware's primary purposes is to pilfer personal data and send it to a remote source enabling theft of personal effects.
Malware Attacking Android Devices Is Nothing New
Interestingly enough, hackers have been developing specialized malware to evade detection of sources like Google for the purpose of spreading malware-laced apps on official app stores like the Google Play Store. Even though Google is known for finding and removing malicious apps promptly, ones that evade detection take longer to find and stop. In the case of Super Free Music Player, it was able to fly under the radar for a few days where it is believed to have been downloaded between 5,000 and 10,000 times.
Computer and mobile device hackers have been targeting Android devices for many years now. However, in the recent couple of years, their efforts have ramped up to attack sources like the Google Play Store with dirty strains of malware that also evade detection. Some of the recent variations of malware-laced apps had affected millions of users, such as the case of spreading malicious Pokémon Go apps when the official Pokémon Go app was one of the most sought-after apps for mobile devices.
In the full scheme of things, the creators of malicious apps designed to evade detection and attack Android devices are looking for an easy payday. Fundamentally, such a payday is granted at the hands of highly aggressive Android malware that can target hundreds of applications throughout the Google Play Store to ultimately steal online banking login credentials. Moreover, the specialized malware may be designed to target specific devices where online banking information is stolen, in addition to credit card details, which may all lead to a potential domino effect of banking and identity theft.
Leave a Reply
Please note that we are not able to assist with billing and support issues regarding SpyHunter or other products. If you're having issues with SpyHunter, please get in touch with SpyHunter customer support through your SpyHunter . If you have SpyHunter billing questions, we recommend you check the Billing FAQ. For general suggestions or feedback, contact us.