Google battles malware on a regular basis. In many cases, it has to remove malware-laden applications from its own Google Play Store to preserve users’ security. This time, researchers from Wandera have disclosed information about another piece of Android-targeting malware, distributed in over 50 applications. The virus allows hackers to act as extortionists and demand money, while also stealing personal information and audio recordings.
RedDrop is a very sophisticated malware threat
The creators of RedDrop malware had a very specific vision, and they delivered it very professionally. The malicious software engages in a variety of illegal activities, but also manages to do everything under the radar. Most of the applications containing the malware are very neutral: calculators, language learning tools and apps for image editing. However, some of them are more in-your-face. For instance, some of the devious apps are aimed at adults.
While you might not think of installing any of the apps containing RedDrop yourself, Baidu steps into the picture to “help” you. Researchers explain that a lot of the malicious apps are promoted on Baidu. Therefore, crooks appear to have considered all possible aspects of the infection, but luckily, researchers managed to detect their malicious apps in time. The discovery was made when Wandera’s machine intelligence engine blocked a suspicious app. After looking at the app more closely, researchers realized that it had a very dark hidden functionality.
Currently, researchers have found more than 50 apps delivering the RedDrop malware. However, the number might be much higher. Even though you might think that you are downloading a practical or educational application onto your Android phone, it is crucial to consider whether the app will reveal some hidden functionalities along the way. Of course, regular users cannot check this. Nonetheless, the best advice we can give you is simple: do not download random third-party apps. In addition, your Android should already feature regular apps like calculators, so you should not try to use an alternative.
RedDrop has features of a dropper, Trojan and spyware
Once a malicious app containing the RedDrop malware is launched, the fun begins. The app will download additional functionalities, allowing the virus to really mess up your Android. Therefore, this infection has been categorized as a dropper. However, this is not the only possible classification. The malware can also be labeled as a Trojan, SMS fraud and spyware.
Malware-ridden apps have a way of dealing with the information collected from victims’ phones. It appears that the gathered details are transferred to the attackers’ personal Dropbox or Drive folders. After that, cyber criminals can review their “treasure” and decide upon a strategy. It is possible that the hackers will blackmail users: pay money, or your personal, shameful or embarrassing photos and videos will be leaked to the Internet.
There might be some malware-ridden apps left on the Google Play Store
Overall, this is one of the most interesting pieces of Android malware that we have detected this year. The RedDrop virus is clearly sophisticated, and hackers probably spent a lot of time perfecting it to the condition that it is currently in. Even though some of the malware-laden apps have already been red-flagged, there might be tons of them left in the wild. Before installing a new app on your Android, please think twice, as it is the responsible thing to do.