Malware has infected Google Android devices after users downloaded rogue versions of Angry Birds Space, mostly found in unofficial Android app stores. The malware is taking advantage of the popularity of the new version of the wildly successful Angry Birds game.
The official “Angry Birds Space” in the Google Play Store (previously known as the Android Market) is not affected. Malware was only found in versions released on unofficial Android app stores.
The official “Angry Birds Space” in the Google Play Store (previously known as the Android Market) is not affected. Malware was only found in versions released on unofficial Android app stores.
SophosLabs uncovered the malware Andr/KongFu-L, which appears to be a regular version of the Angry Birds Space game. The trojan uses the GingerBreak exploit to get root access, then connects to a remote website to download and install malicious code.
Once infected, the Android device is essentially part of a botnet. The device can be instructed to download further code or to display certain URLs in the browser.
The malware is hidden away in the form of two ELF files inside a JPG file. In all other respects, the rogue Angry Birds Space software resembles the authentic game.
Users of unofficial Android app stores should remain wary of applications they download. If in doubt, refer to the Google Play store in order ensure you find the original software.
