Brain Test malware is back, spotted in 13 apps

Jan 7, 2016 13:09 GMT

A malware family named Brain Test has resurfaced on the Google Play Store, after previously being taken down, first in September and later in October of 2015.

The malware was first spotted in the Brain Test app, an IQ testing application with around 1 million downloads, which also gave the malware its name.

Check Point's staff first analyzed the app's sneaky behavior, and following their research, Google took it down. This didn't stop its authors from packaging the malware in other applications, but researchers from Lookout quickly spotted these apps too, and by October, they had Google remove them from the Play Store as well.

As you've probably guessed, the malware is back again, and the same Lookout researchers spotted it in 13 other apps, which Google removed on December 29.

Brain Test malware used to push unwanted Android apps

The original Brain Test malware infected Android smartphones with the purpose of gaining root privileges and then installing unsolicited applications without the user's knowledge.

Because there are app affiliate programs that reward users and website owners using a pay-per-install scheme, the malware's authors are making a profit from infecting smartphones and forcing unwanted apps onto them, even if the apps secretly pushed to users aren't malicious in nature.

According to Lookout researchers, to avoid getting caught again, this new version of the Brain Test malware was also modified to rate other Brain Test malware-infected apps, to help them gain reputation.

Additionally, the infected app's core features were left intact so that users wouldn't be able to detect the malware infection through buggy or broken features. Since most of the infected Android apps were simple, fully functional, and quite fun games, most users never suspected a thing.

Since the Brain Test malware gains boot persistence, resetting the phone to factory settings won't help users delete the malware. Lookout's team recommends backing up all data, wiping the entire ROM storage clean, and reinstalling the Android OS from scratch.