Trojan Apps

Google has eliminated 300 apps from its online store after discovering a secret plugin silently installed across several Android devices. The seemingly innocuous apps were all secretly outfitted with the WiredX botnet. WiredX commandeers vulnerable Android phones and tablets, using the gadgets to kick off a DD0S attack. While Google does not yet have an official account of just how many devices currently host the WiredX botnet, Chad Seaman, a senior engineer at Akamai, a cyber security firm, estimates the number could reach 70,000 or more. “I know in the cases where we pulled data out of our platform for the people being targeted we saw 130,000 to 160,000 (unique Internet addresses) involved in the attack,” said Seaman. Silent, but Deadly The initial WiredX outbreak occurred on August 17th, when several Content Delivery Networks (CDNS) reported similar DDoS attacks. A search for the source eventually landed at the doorstep of Google’s Play Store, prompting the tech firm to pull hundreds of affected applications from its store and initiate procedures to remove the malware from infected devices. “We identified approximately 300 apps associated with the issue, blocked them from the Play Store, and we’re in the process of removing them from all affected devices,” a Google spokesperson said. “The researchers’ findings, combined with our own analysis, have enabled us to better protect Android users, everywhere.” The apps chosen to host the plugin provided genuine services, like ringtones and video players, but included hidden malware designed to commandeer the device for potential DDoS attacks. Once powered on, any infected phone or tablet mainly served as a soldier in a broader DDoS army – all unbeknownst to the user. While the apps themselves operated as promised, the malware surreptitiously connected to an internet server run by the WiredX...