Multiple Games have been Marked as "Risky App" by Trustlook Antivirus


We have been monitoring the Google Play Store for apps with vulnerabilities and malicious behaviors, and updating our Antivirus App once we find them. We recently detected a large number of games that are still affected by the JSInterface Remote Code Execution Vulnerability. Currently we have hundreds of vulnerable apps in the list, some of them with 10-50 million installations.


If you are using Android below 4.2 (this includes 75% of Android users) and have installed one of the affected apps, you are vulnerable to a man-in-the-middle attack that allows an attacker to execute arbitrary code on your Android device: access your SMS, your SD card, or even install an app from the internet directly onto your phone (DEMO). This can happen, for example, while you are connected to an untrusted Wi-Fi network.

If attackers compromised a DNS server and launched a DNS hijacking attack, the number of victims could be in the millions. Such events have already happened to some of the largest websites and service providers: Techcrunch: LinkedIn’s DNS hijacking event and ZDNet: Baidu (China’s #1 search engine) DNS hijacking event.

Once we find an app prone to this vulnerability, we report it to the vendor, and the app’s affected versions are marked as “Risky” in our Antivirus App. We also recommend that all Android users upgrade their system to 4.2 or above for enhanced security.
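The following is an added example, not Trustlook’s code and not code from any of the listed apps, showing how an app developer can avoid the exposure described above. The bridge class name (AppBridge), its method and the loaded URL are assumptions for illustration. The bridge is registered only on Android 4.2 (API 17) and later, where only methods annotated with @JavascriptInterface are callable from page JavaScript; on older versions, where every public method of the object is reachable through reflection, no interface is registered at all. The WebView also refuses to navigate to anything but HTTPS URLs and keeps the default SSL error handling, so an on-path attacker on an untrusted Wi-Fi or hijacked DNS cannot inject script into the page in the first place.

```java
// Added illustration (not Trustlook's code): WebView setup that avoids the
// pre-4.2 addJavascriptInterface exposure. Class and method names are hypothetical.
import android.annotation.SuppressLint;
import android.os.Build;
import android.webkit.JavascriptInterface;
import android.webkit.WebView;
import android.webkit.WebViewClient;

public class SafeWebViewSetup {

    /** Object exposed to page JavaScript. On API 17+ only @JavascriptInterface methods are callable. */
    public static class AppBridge {
        @JavascriptInterface
        public String getAppVersion() {
            return "1.0"; // hypothetical value returned to the page
        }
        // Deliberately NOT annotated: unreachable from JavaScript on API 17+.
        public void internalOnly() { }
    }

    /** Returns true if the page URL is acceptable to load (HTTPS only). */
    public static boolean isAllowedUrl(String url) {
        return url != null && url.startsWith("https://");
    }

    @SuppressLint("SetJavaScriptEnabled")
    public static void configure(WebView webView, String url) {
        if (!isAllowedUrl(url)) {
            throw new IllegalArgumentException("only HTTPS content may be loaded");
        }
        webView.getSettings().setJavaScriptEnabled(true);
        // Block any navigation away from HTTPS. The default onReceivedSslError
        // already cancels loads with certificate errors, so it is left untouched.
        webView.setWebViewClient(new WebViewClient() {
            @Override
            public boolean shouldOverrideUrlLoading(WebView view, String target) {
                return !isAllowedUrl(target); // true = do not load this URL
            }
        });
        // Below API 17 every public method (and anything reachable from it via
        // reflection) is exposed to page script, so the bridge is not registered there.
        if (Build.VERSION.SDK_INT >= Build.VERSION_CODES.JELLY_BEAN_MR1) {
            webView.addJavascriptInterface(new AppBridge(), "AppBridge");
        }
        webView.loadUrl(url);
    }
}
```

If the app must support devices below 4.2 and still needs a bridge, the safer choice is to drop the bridge entirely on those versions (as above) and fall back to a channel that does not expose Java objects, such as intercepting a custom URL scheme in shouldOverrideUrlLoading. Serving the content strictly over HTTPS is what removes the man-in-the-middle injection path on every Android version.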

Here is part of our list: the games and entertainment apps that we recently found to be vulnerable on Android versions below 4.2:

| Package Name | App Name | Installations |
|---|---|---|
| com.tictactoe.wintrino | Tic Tac Toe Pro | 10,000,000 – 50,000,000 |
| com.teamsoft.falldown | Falldown Classic | 5,000,000 – 10,000,000 |
| com.sanguomobile.alipay | Three Kingdom Mobile (CN) | 2,000,000+ |
| com.sanguomobile.paypal | Three Kingdom Mobile (US) | |
| com.miyaware.kokuban | Drawing blackboard | 1,000,000 – 5,000,000 |
| com.lifecom.youtubestream | YoutubeStream (free download) | 1,000,000 – 5,000,000 |
| com.skmnc.gifticon | A Korean Shopping App | 1,000,000 – 5,000,000 |
| com.burtonar.kamasutra | Kamasutra Sex Positions | 1,000,000 – 5,000,000 |
| com.playon.playonapp | PlayOn | 1,000,000 – 5,000,000 |
| com.spice.hangman | Hangman | 1,000,000 – 5,000,000 |
| com.zed.TrdWapLauncher | Tone Room Deluxe | 1,000,000 – 5,000,000 |
| com.gameforge.xmobile.war | War Game | 1,000,000 – 5,000,000 |
| com.gameforge.xmobile | Vampires Game | 500,000 – 1,000,000 |
| com.interpark.shop | A Korean Shopping app | 500,000 – 1,000,000 |
| com.freeview.appcom.130204 | A Korean Shopping app | 500,000 – 1,000,000 |
| com.brennasoft.findastarbucks | Coffee Finder | 100,000 – 500,000 |
| com.msquaredapplications.fantasyvengeance2 | Fantasy Vengeance Strategy | 100,000 – 500,000 |
| com.wintrino.samegame | Bubble break | 100,000 – 500,000 |
| com.kludgery.android.pandin | PandIn Station Creator | 100,000 – 500,000 |
| com.mary.jackpot | Jeeto Jackpot GK Quiz | 100,000 – 500,000 |
| org.my_pod.mypod | MyPOD Podcast Manager Free | 100,000 – 500,000 |
| com.gameforge.xmobile.steampunk | Steampunk Game | 100,000 – 500,000 |
| com.TLapp.BirdHuntingFree | Bird Hunting Free | 100,000 – 500,000 |
| com.storybird.TetraJewels | Tetra Jewels | 100,000 – 500,000 |
| com.TLapp.runwaycontrolLite | Air Control Runway Free | 100,000 – 500,000 |
| com.zumobi.nba | Sporting News Pro Hoops | 100,000 – 500,000 |
| com.mando.babelrising3dsponsored | Babel Rising 3D Sponsored | 50,000 – 100,000 |
| com.playtouch.anibric | Tap Tap animals | 50,000 – 100,000 |
| **Total** | | 25,700,000 – 108,700,000 |
