Haken Malware Family Infests Google Play Store

silversurfer

Level 85
Thread author
Verified
Honorary Member
Top Poster
Content Creator
Malware Hunter
Well-known
Aug 17, 2014
10,057
Researchers have caught eight malicious Android apps in the official Google Play app store marketplace distributing a new malware family. The “Haken” malware exfiltrates sensitive data from victims and covertly signs them up for expensive premium subscription services.

The eight apps in question, which have since been removed, had collectively been downloaded 50,000 times. The apps were mostly camera utilities and children’s games, including “Kids Coloring,” “Compass,” “qrcode,” “Fruits coloring book,” “soccer coloring book,” “fruit jump tower,” “ball number shooter” and “Inongdan.” The apps legitimately function as advertised – but in the background covertly perform an array of malicious functions.

“Haken has shown clicking capabilities while staying under the radar of Google Play,” said researchers with Check Point Research, in an analysis on Friday. “Even with a relatively low download count of 50,000+, this campaign has shown the ability that malicious actors have to generate revenue from fraudulent advertising campaigns.”

The downloaded Haken malware is what researchers call “clicker” malware, meaning that it mimics the user and clicks on anything that appears on the device’s screen. The impact of this on victims is two-fold: First, downloaded apps are able to sign users up for premium subscription services without them knowing. Second, this malware can access any sensitive information visible on the mobile screen – from work emails to work conversations over messaging apps.
 

Antus67

Level 9
Verified
Well-known
Nov 3, 2019
413
What does Google play have to do to curb this problem and eliminate these exploits??
 
  • Like
Reactions: upnorth

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top