Malicious version of Angry Birds Space spotted in the wild

Malicious version of Angry Birds Space spotted in the wild

Summary: Security researchers from Sophos Labs, have detected yet another bogus version of Angry Birds Space.

SHARE:

Security researchers from Sophos Labs, have detected yet another bogus version of Angry Birds Space.

According to the company, the malicious version of the popular game, is fully-functional copy of the game. However, it uses the GingerBreak exploit in order to gain root access to the Android device and install additional malicious code.

Detected as Andr/KongFu-L, the malicious app communicates with a remote server in an attempt to phone back and install additional malware on the affected Android devices.

Mobile malware targeting the Android OS is exploding, according to a recently released report by Juniper Networks entitled "2011 Mobile Threats Report".

End users are advised to be extra vigilant when interacting with secondary Android applications stores.

Topics: Android, Apps, Malware, Mobile OS, Security, Servers

Dancho Danchev

About Dancho Danchev

Dancho Danchev is an independent security consultant and cyber threats analyst, with extensive experience in open source intelligence gathering, malware and cybercrime incident response.

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.

Talkback

13 comments
Log in or register to join the discussion
  • really?

    angry bird is FREE on Google Play. Why anyone really wants to download it anywhere else? Virus hunters?
    tatiGmail
    • Yes which makes it perfectly ok that theres a security hole in android that

      users cant get a patch for. Yay for google not caring as long as they can still send ads to these phones!
      Johnny Vegas
      • This is not in the Google market or the Amazon market

        Just like with any other computer, if you get your software from shady sources, you can get burned.
        radleym
      • That particular hole only exists

        When users enable the "Unknown Sources" toggle under the Applications setting. This has to be enabled for any apps to be installed that are NOT on the Google Play Market. Nor is this Google sending the malware to the Android Devices.

        Granted this is something Google should look into but at the same time this carries the same exact risk that downloading PC software from an unknown source does.
        NonFanboy
    • Google Play?

      Sure, it's free on Google play, if you can use Google Play.

      Just because a device is Android, doesn't mean you can use the store. I'd assume most of the $100 tablets are blocked from using Google play. I bought a NextBook a couple months ago, and have been trying to d/l the local TV station weather app for that entire time.....
      freakneck
  • freelance

    my buddy's mother-in-law makes $68 an hour on the laptop. She has been unemployed for 5 months but last month her pay was $7236 just working on the laptop for a few hours. Read more on this web site... makecash16.com
    martin711
    • sounds like

      your buddy's mother-in-law is a prostitute, or worse. And you are not much better, peddling your scams.
      PepperdotNet
      • Guess he's really close

        to his mom-in-law then isn't he?
        T-Wrench
  • Good news: this website (http://lnk.co/ILTHN ) we has been updated and add

    Good news: this website (http://lnk.co/ILTHN ) we has been updated and add products and many things they
    abandoned their increases are welcome to visit our website. Accept cash or
    credit card payments, free transport. You can try oh, will make you satisfied.

    http://lnk.co/ILTHN

    http://lnk.co/ILTHN

    http://lnk.co/ILTHN



    asfsegfre
    xhopdsvg
    • I wonder

      Why is it that I always have to be logged in, and they know who I am, to be able to post here, but these spammers just keep on posting their junk.
      PepperdotNet
      • You know that's a good question?

        :-(
        T-Wrench
      • Dummy accounts.

        They make an account and log in, same as you, and post spam until the account gets blocked. Then they just make another throw-away account with a random name like, say, xhopdsvg. What I don't get is why. Surely people don't click through on random links in broken-english comments that are only tangentially related to the article's topic. Surely...
        tarscrap
  • doesnt surprise

    it doesnt surprise me, android is like the windows of the mobile market. It has incredible marketshare and everyone wants it. Therefore its a huge target for malware.
    Jimster480