Security News Skinner Adware Using Precision Targeting Spotted on Google Play

Exterminator

Exterminator

Level 85
Thread author
Verified
Top Poster
Well-known
Oct 23, 2012
12,527
A new type of adware using precision targeting has been found in apps across Google Play. Dubbed "Skinner," this new adware was found in an app providing game related features.

According to researchers from Check Point, the app was downloaded by over 10,000 users, hiding from Google's heavy scrutiny for two months. After its discovery, Google was informed, and the app vanished from the app store.

It seems the adware can track the users' location and actions, executing malicious code without the user's permission. Adware isn't exactly a new type of threat against users, but Skinner comes with new tactics to evade detection and maximize profits by targeting users with "unprecedented prevision."
What's Skinner?
Researchers explain that the malware contains a malicious library. Once unpacked, Skinner hides the malicious components of the code to avoid detection. Once the malware detects a user activity, which includes opening an app, the malicious activity begins.

The tool checks a number of conditions before launching, such as a connected debugger, or an emulator hardware in order to evade detection by researchers and security tools.

The malware sends data about the phone and the user to its C&C server, including the location and running apps, requesting ads to display.

"Skinner uses an advanced logic to display illegitimate ads to the user, without raising his suspicion, and raise the probability he will click on them. Instead of simply displaying any ad, the malware checks which type of app the user is using at a given moment and displays a suitable ad. This is a completely new behavior for a mobile adware," researchers explain the malware's unique behavior.

The ads display for four app categories - navigation apps, caller apps, utility apps, and browser apps.

Regularly, Adware relies on mass spread to generate large profits. Skinner, however, focuses on the users' habits and the apps it uses to increase the click chances, while also minimizing the risks of being caught.
Click to expand...
 
  • Like
Reactions: RoboMan and Nuno
RoboMan

RoboMan

Level 35
Verified
Top Poster
Content Creator
Well-known
Jun 24, 2016
2,485
This is some next-level engineering! Claps for the malware developer, and clap for CheckPoint for discovering it on such difficult enviroment!
 
You must log in or register to reply here.

Similar threads

Gandalf_The_Grey
    • Like
    • Wow
    • +Reputation
Malware News Over 200 malicious apps on Google Play downloaded millions of times
Replies
1
Views
1,183
Security News
Digmor Crusher
Digmor Crusher
CyberTech
    • Like
    • +Reputation
Android adware apps on Google Play amass two million installs
Replies
0
Views
841
News Archive
CyberTech
CyberTech
lokamoka820
    • Like
    • +Reputation
Malware News Android malware 'Necro' infects 11 million devices via Google Play
Replies
1
Views
1,585
Security News
i7ii
i7ii

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

Quick Navigation

Forum Rules Warning System Welcome Guide Two-factor Authentication

User Menu

Login

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top