By Shane Curtis
Google has been forced to remove almost 300 apps
from its Play Store after learning that apps were being hijacked for DDoS
attacks, an attack that ESET warned
its followers on social media about in early August.
The botnet, named WireX, is estimated to have
possibly infected close to 70,000 devices before Google took action.
Once they became aware of the attack Google started
the process of removing them, “we identified approximately 300 apps associated
with the issue, blocked them from the Play Store, and we’re in the process of
removing them from all affected devices”, said a Google spokesperson. “The
researchers’ findings, combined with our own analysis, have enabled us to
better protect Android users, everywhere”.
ESET detection engineer, Lukas Stefanko, first
noticed the vulnerability 20 days before it was removed from the store and
published technical details to keep users up-to-date, “”We detected this
infiltration as Android/HiddenApp and Android/Clickerand, plus we were one of
the first to disclose this threat and how to get rid of it”, said Stefanko
After discovering the issue and the new malicious
apps, he immediately reported his findings to the Google Security team and
shared the warning with users, “once I discovered this threat we immediately
informed users through our social networks to be aware of these malicious apps
and with instructions how to uninstall it”, he said.
If you are worried about inadvertently crossing paths with one of these nasty apps, Lukas has some helpful words to guide you in the right direction, “for people that only recently removed one of these infiltrators, or for people that could stumble upon them in the Play store, my advice would be to read comments and app reviews. You should mainly focus on the negative ones, make sure you have installed up-to-date security software and be aware when applications that you’ve installed change name or app icon”.