Brain Test

Brain Test was a piece of malware masquerading as an Android app that tested the users IQ.[1][2] Brain Test was discovered by security firm Check Point and was available in the Google Play app store until 15 September 2015.[1] Check Point described Brain Test as "A new level of sophistication in malware".[1]

Brain Test was uploaded on two separate occasions (com.zmhitlte.brain and com.mile.brain), starting in August 2015, both times Google's "Bouncer" failed to detect the malware. After the first removal on 24 August 2015 the software was reintroduced using an obfuscation technique. Tim Erin of Tripwire said the "Bypassing the vetting processes of Apple and Google is the keystone in a mobile malware campaign."

The malware turned out to include a rootkit, the revelation being described as "more cunning than first thought".[3]

The malware is thought to have been written by Chinese actor, according to Shaulov of Check Point, based on the use of a packing/obfuscation tool from Baidu. Eleven Paths, a Telefonica-owned company, found links to may other pieces of malware, based on the id used to access Umeng, Internet domains accessed by the apps and shared jpg and png images.[4]

It appears the app was first detected on a Nexus 5 using Check Point's Mobile Threat Prevention System. The fact that the system was unable to remove the malware alerted the software company's researchers that it was an unusual threat.

According to Check Point, it may be necessary to re-flash the ROM on a device if Brain Test has successfully installed a reinstaller in the system directory.

Features

The malware was uploaded in two forms. The packing feature was only present in the second.

See also

References

  1. 1 2 3 Polkovnichenko, Andrey; Boxiner, Alon (21 September 2015). "BrainTest – A New Level of Sophistication in Mobile Malware". Retrieved 27 November 2015.
  2. Graham Cluley (23 September 2015). "Malware hits the Google Play Android app store again (and again)".
  3. Cett, Hans (2 November 2015). "Brain Test malware more cunning than 1st thought". GoMo News. Retrieved 27 November 2015.
  4. Detailed coverage at Forbes Chinese Cybercriminals Breached Google Play To Infect 'Up To 1 Million' Androids
  5. Kerner, Sean Michael (21 September 2015). "Malicious Brain Test App Thwarts Google Play Android Security". eweek.com. Retrieved 27 November 2015.

External links

This article is issued from Wikipedia - version of the 7/16/2016. The text is available under the Creative Commons Attribution/Share Alike but additional terms may apply for the media files.