Malicious Android apps deactivated fraud code to bypass Google's security scans

[silversurfer]

Content source

https://www.zdnet.com/article/malicious-android-apps-deactivated-fraud-code-to-bypass-googles-security-scans/

Google has recently removed a suite of malicious Android applications from the official Play Store that were caught showing out-of-context ads and intrusive browser redirects on Android smartphones.

Bot mitigation company White Ops, which discovered and reported the malicious apps to Google's security team, said the apps were developed by the same criminal group.

Researchers said the group created at least 38 Android apps geared towards bombarding users with ads, but that recent applications had been modified to disable the malicious adware functions inside the source code, most likely to avoid Google's Play Store security scans during the app submission and approval process. Hiding the malicious code was necessary because when the group first began creating the adware apps, they didn't have much success.

Beauty and the (Fraud) Beast - HUMAN Security

The White Ops Satori Threat Intelligence and Research Team identified and tracked an ad fraud operation of 38 applications. Discover what they all have in common.

www.whiteops.com

 

[RXZ6Q]

Beauty and the (Fraud) Beast - HUMAN Security

The White Ops Satori Threat Intelligence and Research Team identified and tracked an ad fraud operation of 38 applications. Discover what they all have in common.

www.whiteops.com

Wow, thanks for sharing this, sir ! The obfuscation is crazy and I wonder if any Android antivirus could catch this...

 

[CyberTech]

Good work google team! that's great...