210 Android apps were infected with adware, researchers find

Millions of devices downloaded Android apps infected with adware, researchers say.

Omar Marques/SOPA Images/LightRocket via Getty Images

More than 200 Android apps were packed with adware that could compromise your phone, researchers said Wednesday.

Security researchers from Check Point found malicious code in 210 Android apps in the Google Play store that had been downloaded nearly 150 million times. The code was part of the new adware campaign and was hidden inside a software development kit (SDK) on these apps. Adware is a form of malware that installs itself on your device without you knowing and then displays ads.

Check Point said it notified Google, and Google said the apps have been removed.  

The infected apps were able to display background ads, open the browser to any page and download more malicious apps from either the Google Play store or a remote server, Check Point’s researchers said. The new browser page could lead to phishing websites — with pages that look real but are designed to trick people into revealing their login credentials. There was also code on the SDK that allowed the malicious app to delete its own icon, making it harder for victims to delete.

While these apps were fully capable of all this, the only malicious activity witnessed was the displaying of ads, Jonathan Shimonovich, a group manager at Check Point, said in an email.

In the Google Play store, the adware SDK was hidden in hundreds of apps, the majority of which were simulator games, the researchers found. The app with the most downloads was Snow Heavy Excavator Simulator, with more than 10 million downloads. Others included Ambulance Rescue Driving, Fire Truck Emergency Driver, Speed Boat Jet Ski Racing, Hoverboard Racing, Real Tractor Farming Simulator and Car Parking Challenge, each with more than 5 million downloads.

The malware was also found in live wallpaper apps and editing tools like Girlfriend photo editor, which was downloaded more than 1 million times.

Adware is a rising threat for mobile apps as attackers look to take advantage of millions of devices to make money through ad fraud. Advertisers pay a lot of money to get views, and hacker know they can generate fake views through infected devices.

In February, researchers detailed the DrainerBot ad fraud, which downloaded gigabytes of video ads that victims never saw.

The Google Play store is a frequent target for ad fraud because it’s more open to developers than Apple’s App Store. Android has improved its efforts to curb bad apps, noting last month that it fixed vulnerabilities in more than 75,000 apps in 2018.

Adware and malicious activity can often be hidden in the SDK, which are third-party tools used across apps. In another research paper Check Point released Wednesday, the security company said it found that an SDK hidden on 12 apps was stealing contact information from up to 111 million devices in China.

“Before integrating SDKs into their mobile applications, developers need to be aware of potential risks of undocumented and malicious behaviors implemented in third party SDKs,” Check Point said.

Source link

Share with your friends!

Products You May Like

Leave a Reply

Your email address will not be published. Required fields are marked *

Get The Latest Tech News
Straight to your inbox

Subscribe to our mailing list and get interesting stuff and updates to your email inbox.