Google Play Security News: Multiple 'Minecraft'-Related Apps Put Devices on Botnet for DDoS Attacks

By Jessica Ferrera, Christian Post Contributor

It was recently discovered that multiple "Minecraft"-related applications on Android's Google Play have been adding devices to botnet while also causing the launch of distributed denial-of-service (DDoS) attacks.

What made the issue worse was the fact that the said malicious apps had been downloaded several million times before security analysts learned they were linked to botnet operations.

As its name suggests, a botnet is a network of devices that utilize bots to flood targeted websites with traffic to force DDoS attacks. Once successful, victim sites crash and will be temporarily inaccessible.

Get Our Latest News for FREE

Subscribe to get daily/weekly email with the top stories (plus special offers!) from The Christian Post. Be the first to know.

This week, Symantec confirmed that it had discovered at least eight such applications on Google Play that were disguised as "Minecraft" programs with 600,000 to 2.6 million downloads mainly by users from the United States and some from Russia, Ukraine, Brazil, and Germany.

To add devices to a botnet, the said apps carry "a new and highly prevalent type of Android malware" that is known as Android.Sockbot, according to Symantec.

Symantec added that these apps provided mods for changing the appearances of "Minecraft: Pocket Edition" characters. However, what unsuspecting users did not realize was that these malware-infected apps automatically enabled its suspicious activities in the background.

Meanwhile, based on Symantec's observations, these apps were even more effective because they were not designed to show manifestations of a suspicious piece of software such as persistent and unwarranted ads.

The cyber security firm further explained: "This highly flexible proxy topology could easily be extended to take advantage of a number of network-based vulnerabilities, and could potentially span security boundaries."

"In addition to enabling arbitrary network attacks, the large footprint of this infection could also be leveraged to mount a distributed denial of service (DDoS) attack," Symantec further explained.

According to the cyber security firm, the detected malicious apps have been removed from Google Play since Symantec informed Google of their discovery on Oct. 6.

Smartphone users are encouraged to consistently install software updates, only use apps from trusted sources, and avoid getting them from websites outside Google Play.

Was this article helpful?

Help keep The Christian Post free for everyone.

By making a recurring donation or a one-time donation of any amount, you're helping to keep CP's articles free and accessible for everyone.

$25/month$50/quarter$100/yearOne-time

We’re sorry to hear that.

Hope you’ll give us another try and check out some other articles. Return to homepage.