BadNews masquerades as an innocent, if somewhat aggressive advertising network. This is one of the first times that we’ve seen a malicious distribution network clearly posing as an ad network. Because it’s challenging to get malicious bad code into Google play, the authors of Badnews created a malicious advertising network, as a front, that would push malware out to infected devices at a later date in order to pass the app scrutiny.
What Badnews can do with your device?
- Send Fake News Messages
- Prompt users to Install applications
- Sends sensitive information like Phone Number abd Device ID to its (C&C) Server.
- BadNews also display fake news messages in order to push out other types of monetization malware and promote affiliated apps
- Make sure the Android system setting ‘Unknown sources’ is unchecked to prevent dropped or drive-by-download app installs.
- Download a mobile security app like Lookout’s app that protects against malware as a first line of defense.