Google Removed 300 Apps from the Play Store That Silently Launched DDoS Attacks

BY

Published 29 Aug 2017

NSFW AI Why trust Greenbot

We maintain a strict editorial policy dedicated to factual accuracy, relevance, and impartiality. Our content is written and edited by top industry professionals with first-hand experience. The content undergoes thorough review by experienced editors to guarantee and adherence to the highest standards of reporting and publishing.

Disclosure

New Play Store logo

Google has removed around 300 apps from the Play Store after it was discovered that they were hijacking Android devices to help aid wide-scale distributed DDoS attacks. The “WireX” botnet was hidden inside apps like ringtone maker, file managers etc.

These infected apps worked flawlessly and did not give users any reason to doubt their nefarious intentions. As long as you had one of these apps installed on your device, it was silently participating in a wide-scale DDoS attack without you knowing anything about it.

The malware first caught the attention of content delivery network provider Akamai which has since then been working with researchers from Google, Cloudfare, RiskIQ, and others to combat the botnet.

“We identified approximately 300 apps associated with the issue, blocked them from the Play Store, and we’re in the process of removing them from all affected devices,” a Google spokesperson said in a statement. “The researchers’ findings, combined with our own analysis, have enabled us to better protect Android users, everywhere.”

Akamai estimates that at least 70,000 Android devices were affected by the WireX botnet.

Google has been aggressively using machine learning and various other tools to help keep nefarious apps away from the Play Store. Thanks to its Play Protect suite, the company was able to quickly remove such apps from the Play Store and also from users’ devices. Nonetheless, you should still be cautious while installing apps from the Play Store.

[Via Gizmodo]