A new malware that had the potential to infect almost 10 million devices has been finding its way into genuine apps available from the Google Play Store.
The malware that spreads in the form of a fake ad that prompts users to download updates for other installed aps has been found in 32 apps so far. Millions of these apps have been downloaded worldwide, but only a small percentage of end users have been infected with the malware. The malicious ad directed users straight to a site that downloaded a premium rate SMS malware names ‘AlphaSMS’.
AlphaSMS automatically sends premium rate text messages from the infected device. Not only does it have the power to run up huge bills but can also send sensitive information such as phone numbers and IMEI numbers to the command and control server that it’s controlled by.
Google has since removed all infected apps from its Play Store.