Almost 300 Android applications have been removed from the official Google Play Store after ESET researchers reported that they were involved in a DDoS attack.
According to the security experts, the malicious apps have been hijacked by cyber criminals to be abused for the attack.
“We identified approximately 300 apps associated with the issue, blocked them from the Play Store, and we’re in the process of removing them from all affected devices”, a Google spokesperson said. “The researchers’ findings, combined with our own analysis, have enabled us to better protect Android users, everywhere”.
Last month, ESET researchers alerted to a possible DDoS attack. According to the experts, the hackers were developing a botnet called WireX which has been estimated to be composed of at least 70,000 devices before the apps were removed from the Google Store.
The first expert who spotted the threat was the ESET detection engineer, Lukas Stefanko. Stefanko found the malware 20 days before removing the hijacked applications from the Google Store.
“We detected this infiltration as Android/HiddenApp and Android/Clickerand, plus we were one of the first to disclose this threat and how to get rid of it”, Stefanko said.
The security researcher informed the Google Security team about his findings and they identified and removed the applications immediately.
The ESET team advises users to install only up-to-date security software and be aware if the applications they have installed change their names or app icons.
“For people that only recently removed one of these infiltrators, or for people that could stumble upon them in the Play store, my advice would be to read comments and app reviews. You should mainly focus on the negative ones, make sure you have installed up-to-date security software and be aware when applications that you’ve installed change name or app icon”. Lukas Stefanko said.