Aside from the official Android marketplace (Google Play), many Android users use other app stores to download apps. These unofficial Android app stores unlike Google play doesn’t take security into consideration before approving an app, hence leading infected apps to make their way.
Another fake app claiming to be the popular sling-shot game by Rovio Angry Birds Space has invaded unofficial app stores containing deadly malware.
Security Firm, Sophos reports :-
The Trojan horse, which Sophos detects as Andr/KongFu-L, appears to be a fully-functional version of the popular smartphone game, but uses the GingerBreak exploit to gain root access to the device, and install malicious code.
The Trojan communicates with a remote website in an attempt to download and install further malware onto the compromised Android smartphone.
With the malware in place, cybercriminals can now send compromised Android devices instructions to download further code or push URLs to be displayed in the smartphone’s browser.
It’s very important to keep notice of the marketplace you use to download apps for your mobile device. The best thing to do obviously is to download the free/paid versions of the app from the official version of the marketplace.
Even when you choose the official app store, please make sure to check the author of the app as some infected apps tend to make their way to the official marketplace as well.