A version of the hit game Angry Birds: Space that’s been seeded with malware has been discovered in the wild, although only the adventurous may risk being infected.
SophosLabs analyst Graham Cluley said that his organization discovered versions of Angry Birds: Space that made their way into “unofficial Android app stores,” according to a blog post Cluley authored.
It wasn’t immediately clear what “unofficial Android app stores” to which Cluley was referring; he was unable to be reached after hours in England. Technically, there is only one official Android app store: Google Play, formerly known as the Android Market.
To enable purchases and download apps from alternative stores like Amazon, for example, users need to check the box marked “Unknown sources,” allowing installation of non-Market applications. Cluley did not identify Amazon as a source of the malware-infected app, however.
If a user does download a version of the game from a unauthorized site, this is what the user risks, according to Cluley:
“The Trojan horse, which Sophos detects as Andr/KongFu-L, appears to be a fully-functional version of the popular smartphone game, but uses the GingerBreak exploit to gain root access to the device, and install malicious code.”
The Trojan communicates with a remote website in an attempt to download and install further malware onto the compromised Android smartphone, hiding its payload at the end of a JPEG image file.
“Effectively, your Android phone is now part of a botnet, under the control of malicious hackers,” Cluley wrote.
Angry Birds: Space, designed by Rovio, reached 10 million downloads in three days, and 20 million downloads within a week, according to Rovio.
For more from Mark, follow him on Twitter @MarkHachman.
For the top stories in tech, follow us on Twitter at @PCMag.
Article source: http://www.pcmag.com/article2/0,2817,2402966,00.asp?kc=PCRSS03069TX1K0001121
View full post on National Cyber Security » Virus/Malware/Worms