Android adware 'infects millions' of phones and tablets

  • Thread starter Deleted member 21043
  • Start date
Status
Not open for further replies.
D

Deleted member 21043

Thread author
_80779730_6c2c5a1f-2e78-482a-9b0c-80bfcd5854f5.jpg

Google has suspended access to Durak card game among other titles

Android users are being warned that several popular apps that were on the official Google Play store appear to have contained hidden code that made malicious ads pop up.

Security firm Avast said that one of the apps involved - a free version of the card game Durak - had been downloaded up to 10 million times, according to Google Play's own counter.

Google has now blocked access.

But one expert noted that the problem might be less widespread than feared.

Avast said that it first became aware of the issue after a member of the public contacted it after carrying out his own investigation into how his Nexus 5 smartphone had come to be infected with malicious code.

The "adware" was causing spurious pop-up messages to appear that had been made to look like system notifications. These told him his phone was running "slow" and that he needed to install new software to fix the problem.

If he followed the on-screen prompts he was then directed to download other apps, only some of which were legitimate.

"You get re-directed to harmful threats on fake pages, like dubious app stores and apps that attempt to send premium SMS behind your back or to apps that simply collect too much of your data for comfort while offering you no additional value," wrote Avast's malware analyst Filip Chytry.

_80779733_1d2556af-6702-454c-ae4f-3d765ed05211.jpg


The adware brought up a range of fake warning messages
The original apps were said to have held off showing the pop-ups until seven or more days after being installed, which the analyst suggested was intended to mask the fact that they were responsible.

"Most people won't be able to find the source of the problem and will face fake ads each time they unlock their device," he wrote.

"I believe that most people will trust that there is a problem that can be solved with one of the app's advertised 'solutions' and will follow the recommended steps, which may lead to an investment into unwanted apps from untrusted sources."

In addition to the Durak card game, other apps alleged to be involved include:

  • A Russian language IQ test, which Google Play indicates had been downloaded up to five million times
  • A Russian history educational tool, which Google Play indicates had been downloaded up to 50,000 times
A search by the BBC for other apps made by the same developers revealed dozens more apps, including video games, a psychology guide, wedding planning software and cookery tips - all of which have now been blocked.

_80779735_4b344fb6-471d-4a11-b5b1-6e5d98c8577a.jpg

A wedding planning app is among the apps that are currently blocked
The publishers involved have not replied to requests for comment.

A spokesman for Google said: "We're just confirming that all of the apps in the report have been suspended and nothing more."

Inflated numbers
Although Google Play's own site indicated the software had been downloaded many millions of times, one security researcher was cautious about the figures.

"I would take the numbers with a pinch of salt because one thing that malware authors might do is deliberately up the amount of downloads in order to make an app appear more popular than it really is," said Dr Steven Murdoch from University College London's information security research group.

"Google does scan for malware that it knows about and it also has some more advanced techniques to detect malicious behaviour.

"But these don't work 100% of the time and some apps do slip through the checks - and there is a continual cat and mouse game of people looking for malware and the authors trying to bypass the checks."

Code:
Read more at: http://www.bbc.co.uk/news/technology-31129797
 

JAMESWT

Level 38
Verified
Top Poster
Well-known
Apr 7, 2014
2,739
Thanks for sharing

I think that all app before approvation and come on playstore should provider to avvendors to check it...

But we know that brain.exe is not for business corporate multinational software house...

Money.exe is the goal.... :(
 

jamescv7

Level 85
Verified
Honorary Member
Mar 15, 2011
13,070
That's the problem, Google Playstore must have a thoroughly checking standard for any developers wanted to upload their programs which virus free.
 
Status
Not open for further replies.

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top