While some reports indicate that 2016 is going to be the year the industry makes some very big strides in mobile security, Android isn’t quite there yet. A new report found Trojan-like infections on more than 60 Android games hosted on Google Play. These Trojan-like functions allowed the applications to download and execute malicious code hidden inside messages, leaving Android users completely unaware that their devices had been compromised.
Researchers from the Russian Antivirus company Doctor Web found these applications, which were reported to Google about a week ago. These findings mark a kind of resurgence of a danger Google thought it had wiped out of Google Play. The company had been using more rigorous checks over the last few years for these kinds of programs. The way the company had attempted to avoid these problems was the use of an automated scanned called a Bouncer.
Bouncer bypassing isn’t impossible, but PC World points out that it isn’t easy, either. This is why most Google applications that have Trojans are distributed from third-party stores. These applications are downloaded by people who have been foolish enough to allow applications to be downloaded from “unknown sources.”
It would appear that the resurgence of these infected applications means that Google is going to have to double down on its own security protocols. It also means that Android users are going to have to be even more careful about where they actually get their applications. It’s not easy to figure out that a Trojanized game is actually Trojanized. According to the researchers, the application actually works as if it were any other kind of application, but works in a malicious way in the background. This background image will then put a Trojan APK that loads malicious code in the Android device’s memory using a DexClassLoader function. Now it’s up to Google to make sure these kinds of Trojanized apps don’t continue to pop up in its store.