Malware is nothing new for Android users to deal with, and mobile users in general for that matter. In fact all platforms have their issues with Malware. However there is a new one out there that is currently masquerading as an emulator for Nintendo games. What’s even worse is that it basically makes you pay for it, and then proceeds to steal your data at the same time.
The Malware is called Gunpoder, and so far three variants of it have been found, all of which are pretending to be Nintendo game emulators. It’s a sneaky move with all the hype around Nintendo joining the mobile gaming industry. What is making things a bit more difficult for antivirus programs is that Gunpoder is being packaged with an adware library called Airpush. Airpush is a mobile advertising platform developers can opt into for in-app ads, just like any other advertising platform like Google Adsense or Admob. So Gunpoder is trying to obfuscate itself with legitimate coding.
Gunpoder can do a lot of intrusive actions once installed on your device such as collecting bookmarks and browser histories, sending itself to other people over SMS, showing fraudulent advertisements and executing other code. What’s even worse though is that users are paying for it.
Basically when an app containing Gunpoder is executed, it will load up and then ask the user for a lifetime license for the emulator for either $0.20 or $0.49. Users can pay this either using their Paypal or Skrill accounts. So people are paying the money for the license, then having their information stolen. Current targeted locations include Iraq, Thailand, India, Indonesia, South Africa, Russia, France, Mexico, Brazil, Saudi Arabia, Italy, the U.S. and Spain.
While avoiding having your Android device infected with Malware is pretty easy, it still happens far too often to a lot of people. Always be sure to download games and applications from proper marketplaces such as Google Play and Amazon’s Appstore. Also be sure to check out the developer and make sure it is a legitimate app or game you’re downloading if it is on Google Play or Amazon. It is usually pretty easy to tell when someone isn’t legit.
Website Referenced: PCWorld