This is an unprecedented infection that mass towards devices equipped with Android operating system, and caused by a new family of malware called BadNews. The malware is able to penetrate through the cracks of Google Play, and anti-malware system developed by the Mountain View company. The malicious code has exploited the system updates, making a mockery of all the precautions.
According to data published by the company Lookout Security, applications containing malicious code have been downloaded on 9 million Android devices and, after this warning, Google has provided the immediate closure of the account and developers , but also removed the app from the official store, however at this point, the damage may already have been done.
Google Play Store itself is not discharged directly by malware, but the app which is downloaded and installed on user devices, after a normal behavior held during the first few weeks, it has become progressively more aggressive, by collecting personal information, including phone number and IMEI, then start recommending, with a certain insistence, the installation of AlphaSMS app, a malware that sends SMS text messages without the user’s consent payment.
Half of the involved apps are on the Russian language, and 3 control servers are located in Russia, Ukraine and Germany and by the time of writing this news they are all still active, but security experts are working to close them as soon as possible. Here is a full list of all applications from Google Play Store that are affected by this BadNews Malware: