Two Android apps with 1.5 million downloads were secretly clicking on ads

silversurfer

Level 85
Thread author
Verified
Honorary Member
Top Poster
Content Creator
Malware Hunter
Well-known
Aug 17, 2014
10,176
Two Android apps available in the Google Play Store, which had racked up over 1.5 million downloads between them, used a new trick to secretly click on ads without the knowledge of smartphone users.

According to researchers at security company Symantec, the two apps were in the Play Store for almost a year before being discovered. After Symantec told Google about the behaviour of the apps they were removed from the app store.

The two apps -- a notepad app called 'Idea Note: OCR Text Scanner, GTD, Color Notes' and a fitness app 'Beauty Fitness: daily workout, best HIIT coach' - were packed using legitimate packers originally developed to protect the intellectual property of Android applications, Symantec said. As these packers can change the flow of an Android Package Kit this makes it more difficult for researchers who want to understand its inner workings.

The apps also use a sneaky way to display ads while keeping them hidden from the user, effectively placing the adverts outside of the device's viewable screen area - which means the user simply can't see it.

"Using this tactic allows advertisements, and any other potentially malicious content, to be displayed freely. The app can then initiate an automated ad-clicking process that produces ad revenue," Symantec said. But as the app generates these 'ghost' clicks on ads to make money, users could find their smartphone batteries drained, their device slowing down or even running out of data, thanks to frequent visits to ad websites.
 

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top