Today, Lookout is reporting that they have found a new family of malware that has been running rampant throughout Google Play called, BadNews. BadNews was found on a total of 32 applications on Google Play and through statistics, is said to have been downloaded roughly 2 million to 9 million times.
Lookout brought this to the attention of Google and the company immediately removed the infected apps and have suspended the developer accounts associated with them.
BadNews masquerades as an innocent, if somewhat aggressive advertising network. However, it has the ability to send fake news messages, prompt users to install applications and sends sensitive information such as the phone number and device ID to its Command and Control (C&C) server. BadNews uses its ability to display fake news messages in order to push out other types of monetization malware and promote affiliated apps.
During our investigation we caught BadNews pushing AlphaSMS, well known premium rate SMS fraud malware, to infected devices.
Naturally, users who currently have the Lookout application installed on their device are safe from this threat.