Hacking Team had developed an Android app that could dynamically execute malware payloads, and appeared within Google’s Play store as an innocuous news app, Trend Micro has said.
The app, BeNews, only requested three permissions from a user when installed, and was able to avoid Google’s automated app checks as no exploit was contained within its code, the security firm said.
“The fake news app was downloaded up to 50 times before it was removed from Google Play on July 7,” Trend Micro said. “Looking into the app’s routines, we believe the app can circumvent Google Play restrictions by using dynamic loading technology.”
View full story