Google has removed around 300 apps from the Play Store after it was discovered that they were hijacking Android devices to help aid wide-scale distributed DDoS attacks. The “WireX” botnet was hidden inside apps like ringtone maker, file managers etc.
These infected apps worked flawlessly and did not give users any reason to doubt their nefarious intentions. As long as you had one of these apps installed on your device, it was silently participating in a wide-scale DDoS attack without you knowing anything about it.
The malware first caught the attention of content delivery network provider Akamai which has since then been working with researchers from Google, Cloudfare, RiskIQ, and others to combat the botnet.
“We identified approximately 300 apps associated with the issue, blocked them from the Play Store, and we’re in the process of removing them from all affected devices,” a Google spokesperson said in a statement. “The researchers’ findings, combined with our own analysis, have enabled us to better protect Android users, everywhere.”
Akamai estimates that at least 70,000 Android devices were affected by the WireX botnet.
Google has been aggressively using machine learning and various other tools to help keep nefarious apps away from the Play Store. Thanks to its Play Protect suite, the company was able to quickly remove such apps from the Play Store and also from users’ devices. Nonetheless, you should still be cautious while installing apps from the Play Store.