Google pulls 300 Play Store apps infected with WireX botnet malware

Google has culled nearly 300 malware infected apps from the Play Store. (Source: Google)

Google has removed nearly 300 apps from the Play Store after researchers identified that they were infected with malware. Around 70,000 users in over 100 countries have been affected.

Sanjiv Sathiah, Published 08/29/2017

Google has pulled around 300 apps from the Google Play Store after it was alerted that they each carried the WireX botnet malware. Although not appearing to have posed a particular threat to the 70,000 smartphone owners affected, the malware took advantage of features in the Android service architecture that allowed it to use system resources to carry out distributed denial of service (DDoS) attacks. Once activated, the malware also worked in the background making it capable of being involved in an attack even when the app was not in use.

Researchers from Akami, Cloudflare, Flashpoint, Google, Team Cymru, among others, cooperated to identify and ultimately defeat the botnet in its current form. It first became active on August 2, but this escalated into a major DDoS attack on August 17 against a hospitality company website. Up to 70,000 IP addresses targeted the website simultaneously with large amounts of data, aiming to exceed the bandwidth of the site so that it would crash. The attacks were launched from over 100 countries, suggesting that the malware affected apps were widely available.

Following the removal of the apps, Google issued a formal statement:

We identified approximately 300 apps associated with the issue, blocked them from the Play Store, and we’re in the process of removing them from all affected devices. The researchers' findings, combined with our own analysis, have enabled us to better protect Android users, everywhere.

Source(s)

https://www.gizmodo.com.au/2017/08/google-removes-300-apps-used-to-launch-ddos-attacks-from-play-store/

https://blog.cloudflare.com/the-wirex-botnet/

https://www.gizmodo.com.au/2017/08/google-removes-300-apps-used-to-launch-ddos-attacks-from-play-store/

Microsoft Azure cloud services. (Image: Microsoft)

Microsoft fends off a 2.4 Tbps DDoS attack classed as the second-largest in history 10/13/2021

The free Office Depot PC Health Check allegedly operated in a similar fashion to scareware. (Source: FTC)

PC Health Check scareware allegations cost Office Depot and Support.com US$35 million 03/28/2019

It's not the first time Google Play has suffered from malware issues. (Source: Tech Viral)

Google Play security exposed by malware hidden in fake driving games 11/21/2018

An estimated 230,000 computers were infected within a single day in the 2017 WannaCry ransomware attack. (Source: Wccftech)

WannaCry virus strikes Boeing production plant 03/29/2018

ADB.Miner worm global infection map (Source: 360 Netlab Blog)

ADB.Miner worm turns your Android device into a mining rig 02/07/2018

Over 700,000 rogue apps removed from Google Play Store in 2017 01/30/2018

Global app downloads by store in Q4 2017 (Source: App Annie)

Google Play increased its lead in Q4 2017 by downloads, still making less money than Apple's App Store 01/29/2018

Google has pulled 63 apps found to serve up porn ads. (Source: PC World)

Google pulls 63 Android apps serving up porn ads 01/14/2018

North Korean military parade, North Korean Android malware targets defectors and their supporters

North Korean malware targets defectors and their supporters 01/12/2018

The official Android app market saw a 34.2% climb in revenue in 2017. (Source: Androidguys)

Smartphone app market saw 35% growth in 2017 01/08/2018

The Archive Poster Chrome extension has been caught mining cryptocurrency. (Source: Google)

Smartphone in smoke, the possible outcome of a Loapi Trojan malware infection (Source: Kaspersky Lab official blog)

The Loapi Trojan malware can blow up your Android phone 12/20/2017

Storyboard is one of three new experimental apps launched by Google. (Source: Google)

Google launches camera "appsperiments" for Android and iOS 12/12/2017

Pre-installed keylogger found in 460 HP laptop models in December 2017 (Source: Dash Force News)

More than 460 HP laptop models come with a pre-installed keylogger 12/11/2017

Google Files Go file manager (Source: Google Play)

Google Files Go file manager for Android enters public beta 11/10/2017

The wolf in sheep's clothing which snuck into thousands of unsuspecting digital pens. (Source: SwiftOnSecurity)

A fake Adblock Plus extension has infected about 37,000 Google Chrome users 10/10/2017

Equi-fail: Equifax directs customers affected by hack to fake phishing website 09/21/2017

Equifax security breach blamed on known web vulnerability in Apache Struts 09/14/2017

Equifax announces major security breach affecting 143 million customers in the U.S. 09/07/2017

Google's Certified Android devices program is a continuation of its security efforts. (Source: Google)

Google launches Certified Android device program 08/29/2017

The malware came pre-installed on various Android devices, including some Samsung phones

Severe malware infection discovered in 38 Android device models 03/10/2017

Five million Android users vulnerable to new malware attack 01/31/2012

Android malware reportedly at an all time high 11/20/2011

Loading Comments

Comment on this article

Intel announces the Movidius Myriad...

Fitbit Flyer wireless headphones co...

Sanjiv Sathiah - Senior Tech Writer - 1360 articles published on Notebookcheck since 2017

I have been writing about consumer technology over the past ten years, previously with the former MacNN and Electronista, and now Notebookcheck since 2017. My first computer was an Apple ][c and this sparked a passion for Apple, but also technology in general. In the past decade, I’ve become increasingly platform agnostic and love to get my hands on and explore as much technology as I can get my hand on. Whether it is Windows, Mac, iOS, Android, Linux, Nintendo, Xbox, or PlayStation, each has plenty to offer and has given me great joy exploring them all. I was drawn to writing about tech because I love learning about the latest devices and also sharing whatever insights my experience can bring to the site and its readership.

contact me via: @t3mporarybl1p

Please share our article, every link counts!

.170

> Notebook / Laptop Reviews and News > News > News Archive > Newsarchive 2017 08 > Google pulls 300 Play Store apps infected with WireX botnet malware

Sanjiv Sathiah, 2017-08-29 (Update: 2017-08-29)

Google pulls 300 Play Store apps infected with WireX botnet malware

Source(s)

Related Articles