Due to Android’s open nature, it is easier for malicious software to make its way on to services like the Google Play Store. Google has been tightening things up over the last year but it seems that there is still work to be done. This week, Google purged around 300 apps from the Google Play Store after they were found to be leveraging smartphones for Distributed Denial of Service attacks.
The list of apps included things like storage managers and ringtone software. These apps were masking the ‘WireX’ botnet which would leverage phones with these apps installed for attacks as long as the device remained switched on. The security researchers over at Akamai were the first to discover WireX after monitoring a recent DDoS attack, in which thousands of IP addresses were used to send web traffic.
Akamai, Cloudflare, Flashpoint, Google and more have teamed up to help combat the botnet. As part of its own statement, Google said that it is working with researchers to identify and remove more malicious apps. According to the group, around 70,000 devices in total could be compromised, spread out across 100 countries.
KitGuru Says: DDoS attacks are quite common these days and given the Play Store’s fairly relaxed approval process, it isn’t too surprising to hear that malicious apps managed to become prominent on Android devices. However, with such a huge collaborative research effort under way, hopefully more malicious software can be swiftly identified so Google can continue to take action.