k_Street Consulting, LLC Blog

Infected Applications Removed from Google Play Store

Infected Applications Removed from Google Play Store

We all download apps. There are literally millions of apps to choose from and sometimes nefarious developers can get their application published with ulterior motives. A situation has just happened as Google has removed twenty-two apps that were found to contain automated click-fraud scripts from the Google Play Store. We’ll take a short look at what these developers were up to, and how the fraudster would affect you if you were one of the two million users that happened to download these apps.

What Apps?
First, we’ll start with a complete list of the apps that had been infested with this nefarious code:

  • Sparkle FlashLight
  • Snake Attack
  • Math Solver
  • ShapeSorter
  • Tak A Trip
  • Magnifeye
  • Join Up
  • Zombie Killer
  • Space Rocket
  • Neon Pong
  • Just Flashlight
  • Table Soccer
  • Cliff Diver
  • Box Stack
  • Jelly Slice
  • AK Blackjack
  • Color Tiles
  • Animal Match
  • Roulette Mania
  • HexaFall
  • HexaBlocks
  • PairZap

What Did These Apps Do?
SophosLabs found a cache of apps that feature what they call “Andr/Clickr-ad” malware. These applications are engineered with maximum flexibility in mind. They could contact a common attacker-controller server to download what is called an ad-fraud module. It does this every 80 seconds. The malware simply opened a non-visible window and would repeatedly click on ads, making the network look like it was getting more traffic, fraudulently enhancing the developers’ revenue.

No specific ad network was specified by Sophos, but users who had downloaded these applications would see a decrease in the battery life and/or an increase in the amount of data their device would use. One strange part of this is that some of the ad traffic was able to identify itself as from coming from iPhones, despite this appearing on Android-only apps. They came from “Apple models ranging from iPhone 5 to 8 Plus and from 249 different forged models from 33 distinct brands of Android phones.” This ploy was used as a way to increase revenues further as some advertisers will pay a premium to get their ads onto Apple devices. iOS versions of the apps, largely by the same developers, didn’t have the malicious code integrated.

Download Legit Apps
How can you go about making sure that you aren’t part of this problem? Download legitimate applications. Some of the best ways to make sure the apps you are downloading are legit, include:

  • Read a lot of reviews - Much of the information you will need to see the legitimacy of an application can be found in the review of the app in the store. If you make a point to read eight or more reviews, you will quickly get a good idea about how functional the application is.
  • Check app permissions - Applications need permission from a user to use the core functions of the phone. If the application in question tends to need access to functions that it shouldn’t, you should be skeptical about the application.
  • Check the terms and conditions - Most people don’t go through the terms and conditions of anything, let alone an application for their smartphone. Even if you do make a point to read them, the amount of legalese found is akin to a lullaby or a warm glass of milk. The problem for users is that there is a lot of good information about the applications, and specifically how it uses data. If you do set aside some time to read about it, check out some language that is relevant to the way you use the application.
  • Research the developer - Nowadays, software development is filled with people that are looking to make a name for themselves. This type of ambition can lead to bad decision making. If you take some time to do some basic research about the developer of an app you have reason to question, you’ll likely find the truth of whether they can be trusted or not. If they want to be known, they likely promote their work via social media, so, start there.

Android has millions of legitimate applications on the Google Play Store, so worrying whether or not you’ve downloaded one that will put your data at risk shouldn’t be too worrisome as long as you stick to our best practices. To learn more about technology, security, and mobile strategies, call k_Street Consulting, LLC today at (202) 640-2737.



No comments made yet. Be the first to submit a comment
Already Registered? Login Here
Thursday, February 21 2019

Captcha Image

Mobile? Grab this Article!

QR-Code dieser Seite

Tag Cloud

Digital Signature Internet of Things Thank You Information Passwords Save Money Outlook Windows 10 DDoS Data Storage Point of Sale Computing Infrastructure Virtual Desktop VoIP Software Remote Computing Cost Management Money Books Unified Threat Management Students Computer Hacker Streaming Media MSP Best Practice HaaS Bing Excel Blockchain eWaste Net Neutrality Maintenance Webinar Digital Payment Comparison Entertainment Data storage HIPAA Camera Data loss Hackers Gadgets Flash Smart Office Analytic Virtualization Tech Term Customer Relationship Management Compliance Work/Life Balance WIndows 7 Microsoft CrashOverride Users Scam Wireless Charging Social Media Printer Business Management Office 365 Browser FENG Internet Exlporer Best Available Virtual Reality Content Management Training Information Technology Government Regulations malware Access Control Two Factor Authentication Smartphones Efficiency Evernote Scalability Managed IT App Programming Artificial Intelligence Collaboration Search Engine Online Currency Memory IT Support Two-factor Authentication Environment Audit Cameras Cybercrime Search Saving Time Big data Antivirus Wireless Internet Network Practices communications Worker Audiobook Android Proactive Bandwidth BYOD Fax Server Emails Networking avoiding downtime Hosted Computing Safe Mode Managed IT Services Fiber-Optic Office Supercomputer Shadow IT Business Employee Video Games Battery Privacy Windows 8 Legal Hosted Solutions Risk Management SaaS Online Shopping Smart Tech Apple Google Docs Law Enforcement eCommerce Managed Service Provider Going Green How to Software as a Service Transportation HBO Uninterrupted Power Supply IT solutions Communication Statistics Paperless Office File Versioning LinkedIn Workers Innovation Marketing PowerPoint Quick Tips Miscellaneous Amazon Conferencing Netflix Mobile Device Management Internet exploMicrosoft Hiring/Firing Windows Media Player Computer Fan Entrepreneur Line of Business Network Congestion Screen Mirroring Wi-Fi Touchpad Customer Service Business Intelligence Computers Project Management People Credit Cards Education Connectivity Mobility Remote Worker SharePoint Windows USB Digital Signage Windows Server 2008 Remote Monitoring Frequently Asked Questions WiFi User Tips Wire Identity Theft Safety Strategy Microchip Office Tips Security IT Plan Human Resources Phishing Password Manager Automation Shortcut Bluetooth Wiring Business Mangement Solid State Drive Meetings YouTube Telecommuting Google Apps Touchscreen GDPR Data Insurance Humor NarrowBand IT Consultant Virtual Private Network Virus Tip of the Week Nanotechnology Running Cable Gmail Botnet Business Computing BDR Data Recovery IoT Tools Automobile Settings Rootkit IaaS Save Time Security Cameras Cleaning Administrator Remote Work Monitor Downtime Hybrid Cloud Applications Word webinar Data Breach Cybersecurity Telephony Windows 10 Smartphone Tech Support CES Business Owner Emergency Computer Accessories Lithium-ion battery Bloatware Warranty Value Apps Retail Professional Services Enterprise Content Management Intranet Content Smartwatch Google Drive Mobile Computing Thought Leadership Software Tips IT Management User Lifestyle Flexibility Employee/Employer Relationship Content Filter Chromecast Knowledge Upgrade Help Desk Computer Care Augmented Reality Hring/Firing Patch Management Assessment HVAC Benefits Managed IT Services Trending Hard Drives Microsoft Office Windows 10s Operating System Mouse Private Cloud Employer Employee Relationship Advertising Social Engineering analytics Spam Blocking Content Filtering Social Networking Electronic Health Records Politics User Error Consultant Voice over Internet Protocol Virtual Assistant Data Warehousing Redundancy Network Security Biometrics Data Backup Samsung IBM Start Menu Website Bring Your Own Device Mobile Office Data Security Router Millennials Shortcuts Cables PDF Business Continuity Server Read Healthcare Remote Monitoring and Maintenance Authentication Troubleshooting IT Services Reputation Notifications Cache Pain Points Disaster Recovery How To Cast Gaming Console Productivity Administration Ransomware Best Practices Budget NIST Instant Messaging Update Inventory Staff Regulation Password Vulnerability The Internet of Things Music IT Support Machine Learning Addiction Customers Techology Restore Data Managed Service Google Operating Systems VPN Leadership Holiday Hosted Solution Colocation Cloud Computing Cryptocurrency Mobile Device Storage iphone Company Culture Unsupported Software E-Commerce Files Physical Security Worker Commute Chrome Tip of the week travel Recycling Multi-Factor Security Firewall Google Search Backup Analysis Infrastructure Encryption Root Cause Analysis Hacking Data Protection Wearable Technology Telephone System Cortana OneNote Tablets Phone System Productivity Sync Alert Black Market Vendor Theft Analyitcs ISP IT Solutions Science Relocation Television History Servers Cloud Public Cloud Wireless Technology Charger File Sharing Distributed Denial of Service Printer Server Specifications Accountants Mobile Devices Email Spam Skype Document Management Smart Technology Loyalty Amazon Web Services Proactive IT Public Computer Workforce Workplace Tips Tablet Congratulations Password Management Sports Small Business Experience IT service Technology Mobile Facebook Domains Criminal Printers Outsourced IT Health Laptop End of Support Internet Robot Devices Hardware Managing Stress Unified Communications Twitter Application Archive Saving Money Computer Repair Current Events Vendor Management Utility Computing Fraud Recovery Product Reviews Data Management Backup and Disaster Recovery Windows 7 Keyboard Multiple Versions Business Technology Wireless Display Telephone Systems Electronic Medical Records Employer-Employee Relationship Social

Sign up for our Newsletter!

  • Company Name *
  • First Name *
  • Last Name *