Fake Angry Birds for Android Fills Your Phone With Malware
The security firm Sophos writes that the official version, published by Rovio on the Google Play marketplace, is not affected. The malicious version on unofficial app markets, which Sophos designates as Andr/KongFu-L, actually runs a fully functional version of the game — so infected players may not be aware they’re even infected.
Looking deep into the code, Sophos found that two files were hidden within a JPG inside the game. Once installed, the faux-game apparently gains root access to the phone via the GingerBreak exploit, basically placing your phone at the mercy of unseen hackers. Once it has access, the malware will download more malicious software, and even force the phone’s browser toward URL’s designated by the malware’s creator. In the words of Sophos:
Effectively, your Android phone is now part of a botnet, under the control of malicious hackers.
The moral here: Buy the real game. If you already succumbed to the siren song of off-market software, then perhaps you’ve got a system wipe in your future.
(Sophos via All Things D via Gizmodo, image via Rovio)
- Flashback malware has infected over half a million Macs
- But Apple quashed it the other day
- Instagram is now on Android
- Japan as a totally sweet Neon Genesis Evangelion Android phone
Have a tip we should know? tips@themarysue.com