Browse archive

Latest news

Targeted data stealing attacks using fake attachments

A look into the EC Council hack

New Mac spyware signed with legitimate Apple Developer ID

Ransomware adds password stealing to its arsenal

"Get free followers" scam targets Instagram users

Thoughts on the need for anonymity

Four LulzSec hackers handed prison sentences

The New Yorker launches anonymous dead-drop tool

Researchers reveal OpUSA attackers' MO

Info-stealing Dorkbot worm spreading on Facebook

Review: The Hacker's Guide to OS X

Private messages of Bloomberg clients end up online

IT security jobs: What's in demand and how to meet it

Hacking charge stations for electric cars

Trojanized Angry Birds offered for download

Posted on 12.04.2012

The extreme popularity of Rovio's Angry Birds mobile game has made it and its special editions perfect for luring unsuspecting users into downloading malware.

A Trojanized version of the latest addition - Angry Birds Space - has recently recently been spotted by Sophos researchers being offered on a number of unofficial Android app stores.

Users who download it may not even realize that they have downloaded a malicious app, as the packet appears to be a fully-functional version of the game, and the name and the icon of the app correspond with the ones used by the legitimate app, which was released on March 22.

But the bundled GingerBreak exploit works in the background to gain root access to the device and to use it to download and install additional malware from a remote website.

The compromised device is then at the mercy of the crooks behind the malware, and is now effectively part of a botnet. The criminals can make it download any additional packet they want or make the browser surf to any webpage they choose.

As always, users are advised to be extra careful when downloading apps from unofficial online markets. Here's a few tips on how to spot fake Android apps.