If you downloaded the latest version of Angry Birds for Android from an unofficial app store, the software could have compromised your device and granted system control to the Bad Guys, according to a security research firm. This week’s Android security threat of note is the new version of the insanely popular Angry Birds mobile game: Angry Birds Space. However, you need not worry if you downloaded the app from Google’s official Play Store; the mad avian malware appears to be coming only from unofficial app stores, according to security researcher Sophos. The sketchy software reportedly packs two malicious ELF files, attached to the end of a JPG image file, and it lets Bad Guys send instructions to infected devices to download more potentially-harmful code or load URLs in those smartphones’ browsers, among other things. Sophos says the Trojan basically makes your device “part of a botnet, under the control of malicious hackers.” And the game works just as it should so you might not suspect any foul play. From Sophos: “The Trojan horse…appears to be a fully-functional version of the popular smartphone game, but uses the GingerBreak exploit to gain root access to the device, and install malicious code. The Trojan communicates with a remote website in an attempt to download and install further malware onto the compromised Android smartphone.” This type of threat isn’t exactly new or different; malware creators have been repackaging popular apps like Angry Birds with harmful code for quite some time, and anyone who installs apps from third-party app stores should know that they’re taking a chance with every download. In fact, Android users can’t install third-party apps at all without either “rooting” their devices and/or enabling a specific system setting that warns them of the dangers of installing apps from unofficial sources. In general, it’s wise to download Android apps only from Google’s Play Store, but if you must use a third-party you should know that you may end up paying more for that free download than the dollar or two Google’s charging in its store. (Check out my last few Android Security Threat of the Week stories: 03.23.12; 3.15.12; and 03.02.12.) AS Via the Sophos nakedsecurity blog Related content brandpost Sponsored by Freshworks When your AI chatbots mess up AI ‘hallucinations’ present significant business risks, but new types of guardrails can keep them from doing serious damage By Paul Gillin Dec 08, 2023 4 mins Generative AI brandpost Sponsored by Dell New research: How IT leaders drive business benefits by accelerating device refresh strategies Security leaders have particular concerns that older devices are more vulnerable to increasingly sophisticated cyber attacks. By Laura McEwan Dec 08, 2023 3 mins Infrastructure Management case study Toyota transforms IT service desk with gen AI To help promote insourcing and quality control, Toyota Motor North America is leveraging generative AI for HR and IT service desk requests. By Thor Olavsrud Dec 08, 2023 7 mins Employee Experience Generative AI ICT Partners feature CSM certification: Costs, requirements, and all you need to know The Certified ScrumMaster (CSM) certification sets the standard for establishing Scrum theory, developing practical applications and rules, and leading teams and stakeholders through the development process. By Moira Alexander Dec 08, 2023 8 mins Certifications IT Skills Project Management Podcasts Videos Resources Events SUBSCRIBE TO OUR NEWSLETTER From our editors straight to your inbox Get started by entering your email address below. Please enter a valid email address Subscribe