With the advent of ransomware viruses and intrusive applications, developers are doubling down on eliminating those features form their apps, app stores are also policing their library of apps to eliminate the chances of bots hi-jacking the phone’s resources.
Google has currently removed 300 applications from the Play Store that are masquerading as legitimate apps but use the user’s smartphone as a medium for distributed denial of service (DDoS) attacks. This is all part of a network of bots. The network was called WireX. The entire service has been in circulation since August 17 and Google has managed to put down 300 of the accessing applications that currently utilizing the feature against unsuspecting users. Some iterations act as ransomware that force the user to pay money to be relieved of the app’s malware. Some users may see a few of their apps deleted from their phone as a result, meaning that they would have belonged to this network of phone-hijacking bots.
DDoS services have been the cause of numerous websites and apps in the last few years. The apps in question that featured DDoS services were available in the Play Store in the form of video players, storage management solutions, ringtones and other seemingly harmless functionalities. The delivery network Akamai first discovered that there were applications that were integrating DDoS activities to users’ phones and then immediately informed Google who promptly took action to remove those apps out of their servers. Experts from various security research firms such as Cloudflare, Flashpoint, Oracle + Dyn, RiskIQ, Team Cymru and other organizations came together for the cause to solve the issue.
How DDoS works is, perpetrators will be directing users of their app to specific IP addresses. The overload of redirecting can overwhelm that the phone’s online systems get overwhelmed, rendering them useless. Several countries could be affected, including in hospitals where devices running versions of these apps can be detected. The destructive power that apps like these could have upon such organizations is near limitless. Google was not aware of the apps that have these kind of security concerns until it was promptly notified by Akamai. This could mean that there are still other apps that have not been discovered that could be available on the Play Store and other major online application stores that could potentially install invasive software onto users’ phones. As of now, over 70,000 devices have been affected by these kinds of apps.