Yeah, your kids. The ones you attempt to shelter from the big bad world outside. If they’ve been playing Minecraft on their Android phones dressed as a thief, and a host of other basically worthless skins, they could be contributing to botnet attacks by the millions.
Symantec, known for its horrible pc breaking anti-virus Norton, has identified just a few more examples of the lawlessness present in app marketplaces. They estimate anywhere between 600k and 2.6 million devices were affected by this software. US devices seem to be targeted the most, although the software has made pockets of ill will inside Russia, Ukraine, Germany, and Brazil.
These apps are very well disguised and highlight a serious issue within the cell phone community. Not only is the app malicious but it’s still functional within the Minecraft: Pocket Edition game, making it much more likely to remain installed. As soon as you install the app, instead of just making superficial changes to your overly square adventures, it connects to a command and control server that begins sending commands to open ports on you or, worse, your child’s cell phone. With younger and younger people being given access to devices that track where you are, have sensors of all kinds that can take your picture, record audio, access your photos, and even worse if you aren’t a child (and have money) maybe even your banking information stored within other apps, this creates a very dangerous situation so easy to exploit that even the laziest criminals become motivated.
The remote-control functionality of this app’s most dangerous possibilities to the world at large are utilizing this huge network of unsuspecting Minecraft players in DDoS attacks. Luckily these apps have been removed from the store, but I believe a conversation about good internet usage behaviors should get put on the books as well. Giving children, and some adults, access to a device like a cell phone is borderline cruel, without properly arming them with the knowledge to use it safely. Fortunately for retailers, manufacturers, and software designers, user education is not a top priority. Selling as many devices as possible and growing their products footprint is the typical preoccupation. This also works out very well for people making malicious software.
Moral of the story? Don’t be a technological knuckle dragger and don’t raise your children to be either. Your info is your responsibility.