k_Street Consulting, LLC Blog

Infected Applications Removed from Google Play Store

Infected Applications Removed from Google Play Store

We all download apps. There are literally millions of apps to choose from and sometimes nefarious developers can get their application published with ulterior motives. A situation has just happened as Google has removed twenty-two apps that were found to contain automated click-fraud scripts from the Google Play Store. We’ll take a short look at what these developers were up to, and how the fraudster would affect you if you were one of the two million users that happened to download these apps.

What Apps?
First, we’ll start with a complete list of the apps that had been infested with this nefarious code:

  • Sparkle FlashLight
  • Snake Attack
  • Math Solver
  • ShapeSorter
  • Tak A Trip
  • Magnifeye
  • Join Up
  • Zombie Killer
  • Space Rocket
  • Neon Pong
  • Just Flashlight
  • Table Soccer
  • Cliff Diver
  • Box Stack
  • Jelly Slice
  • AK Blackjack
  • Color Tiles
  • Animal Match
  • Roulette Mania
  • HexaFall
  • HexaBlocks
  • PairZap

What Did These Apps Do?
SophosLabs found a cache of apps that feature what they call “Andr/Clickr-ad” malware. These applications are engineered with maximum flexibility in mind. They could contact a common attacker-controller server to download what is called an ad-fraud module. It does this every 80 seconds. The malware simply opened a non-visible window and would repeatedly click on ads, making the network look like it was getting more traffic, fraudulently enhancing the developers’ revenue.

No specific ad network was specified by Sophos, but users who had downloaded these applications would see a decrease in the battery life and/or an increase in the amount of data their device would use. One strange part of this is that some of the ad traffic was able to identify itself as from coming from iPhones, despite this appearing on Android-only apps. They came from “Apple models ranging from iPhone 5 to 8 Plus and from 249 different forged models from 33 distinct brands of Android phones.” This ploy was used as a way to increase revenues further as some advertisers will pay a premium to get their ads onto Apple devices. iOS versions of the apps, largely by the same developers, didn’t have the malicious code integrated.

Download Legit Apps
How can you go about making sure that you aren’t part of this problem? Download legitimate applications. Some of the best ways to make sure the apps you are downloading are legit, include:

  • Read a lot of reviews - Much of the information you will need to see the legitimacy of an application can be found in the review of the app in the store. If you make a point to read eight or more reviews, you will quickly get a good idea about how functional the application is.
  • Check app permissions - Applications need permission from a user to use the core functions of the phone. If the application in question tends to need access to functions that it shouldn’t, you should be skeptical about the application.
  • Check the terms and conditions - Most people don’t go through the terms and conditions of anything, let alone an application for their smartphone. Even if you do make a point to read them, the amount of legalese found is akin to a lullaby or a warm glass of milk. The problem for users is that there is a lot of good information about the applications, and specifically how it uses data. If you do set aside some time to read about it, check out some language that is relevant to the way you use the application.
  • Research the developer - Nowadays, software development is filled with people that are looking to make a name for themselves. This type of ambition can lead to bad decision making. If you take some time to do some basic research about the developer of an app you have reason to question, you’ll likely find the truth of whether they can be trusted or not. If they want to be known, they likely promote their work via social media, so, start there.

Android has millions of legitimate applications on the Google Play Store, so worrying whether or not you’ve downloaded one that will put your data at risk shouldn’t be too worrisome as long as you stick to our best practices. To learn more about technology, security, and mobile strategies, call k_Street Consulting, LLC today at (202) 640-2737.

Network Security Is All About Handling Threats
Protecting Your Business by Understanding IoT Secu...
 

Comments

No comments made yet. Be the first to submit a comment
Already Registered? Login Here
Guest
Sunday, April 21 2019

Captcha Image

Mobile? Grab this Article!

QR-Code dieser Seite

Tag Cloud

Data Protection Storage Machine Learning Best Available Law Enforcement File Versioning Instant Messaging Internet Budget Consultant Telephone System Smartwatch Mobile Environment Running Cable Colocation Telecommuting Social HIPAA Millennials Passwords Benefits Rootkit Server Notifications Risk Management Android Electronic Health Records IT Solutions Hosted Solutions Employee/Employer Relationship Saving Time Supercomputer Health Thank You Administrator VoIP Twitter Retail Books Workers SharePoint Bing Entertainment Work/Life Balance Conferencing Public Computer Battery Students Upgrade Servers Workforce Multiple Versions IoT Outlook Customer Relationship Management Maintenance Small Business Intranet Cleaning Regulations Hackers Robot Hosted Computing Tools End of Support Best Practices Microsoft Sync Amazon Web Services SaaS Solid State Drive Trending Business Computing Laptop Application OLED Remote Monitoring Wiring Emails Data storage Memory Fraud Windows 8 Mobile Computing Windows 7 Analyitcs Education HaaS Hring/Firing People Amazon Software Settings Data loss Files IaaS The Internet of Things Customer Service Physical Security Shortcuts Humor Database Windows 10 Security Cameras Botnet Bring Your Own Device Cameras Digital Signature Information Hacking Best Practice IBM HVAC Social Engineering Smart Tech Office 365 Password Manager Users Virtual Assistant Efficiency Hosted Solution Network Security GDPR Camera iphone Frequently Asked Questions IT Management IT Support Transportation Lifestyle Practices Voice over Internet Protocol Google Docs PowerPoint Search Skype Display Communication Black Market Online Currency How to LinkedIn Compliance Office Reputation Private Cloud Devices Business Management Microsoft Office ISP Tip of the Week Network Privacy Phishing Holiday Regulation Administration BDR Smartphone Insurance Ransomware Cybercrime Downtime Save Time Windows 10s Leadership Hiring/Firing Cortana Statistics Business Continuity Social Networking Line of Business Data Warehousing App Theft Password Management Patch Management Flash Television Assessment Mobility Staff Paperless Office Lithium-ion battery Productivity Document Management Evernote Alert Digital Payment Worker Commute Managed IT Services File Sharing Printer Electronic Medical Records Proactive travel Unified Threat Management Cast Experience Accountants Website Politics Recovery Antivirus Mobile Office WIndows 7 Two Factor Authentication Managed IT Windows Media Player Emergency Business Start Menu How To Public Cloud Office Tips Streaming Media Employer Employee Relationship Internet Exlporer Disaster Recovery Audit Authentication Employee Operating Systems Wireless Charging Manufacturing User Going Green Facebook Update Netflix Information Technology Data Breach Vulnerability DDoS Scalability Cloud Computing Data Backup Keyboard Security Bandwidth Mobile Devices Miscellaneous Enterprise Content Management Cybersecurity Backup Artificial Intelligence Credit Cards Help Desk FENG Healthcare Training User Error Search Engine Programming Virtual Desktop Saving Money Smart Technology Network Congestion Business Technology Government Safe Mode Content Filtering Distributed Denial of Service analytics IT Consultant Outsourced IT Operating System Uninterrupted Power Supply WiFi Troubleshooting Entrepreneur Net Neutrality Sports Computer Repair Networking Biometric Security Managing Stress IT solutions Wire Hacker Router E-Commerce Social Media CES Redundancy Online Shopping Automation Bloatware Current Events Wireless Cloud CrashOverride malware Windows Server 2008 Data Security 5G Bluetooth Flexibility Monitor Microchip Telephony Wireless Internet Vendor History Virtual Reality Cryptocurrency Excel Big data Pain Points BYOD Touchscreen eCommerce Data Storage Restore Data Mobile Device USB Vendor Management Samsung Science Connectivity communications Logistics Google Virus Worker Fax Server Knowledge Recycling Shortcut Utility Computing Touchpad Augmented Reality Tablets Point of Sale Browser User Tips Google Drive Customers Scam Nanotechnology Webinar Safety Chromecast Gmail Backup and Disaster Recovery Printers Digital Signage Encryption Professional Services Human Resources Identity Theft Business Intelligence Wi-Fi Music Hybrid Cloud Shadow IT Internet of Things Smart Office Content Distribution Analytic Productivity Read Internet exploMicrosoft Software Tips Cryptomining VPN Gadgets Software as a Service IT service Addiction Mobile Device Management Root Cause Analysis Value Warranty Cables Tech Term Apps Specifications Legal Quick Tips webinar avoiding downtime Word Hard Drives Video Games Unified Communications Apple Remote Worker NIST Telephone Systems Password Tablet Wireless Technology Firewall Managed Service Chrome Tech Support Blockchain Cache Computer Accessories Innovation Cost Management Mouse Company Culture Congratulations Biometrics Spam Managed IT Services Computer Care Marketing Advertising Inventory Collaboration Charger Proactive IT Computers Domains Managed Service Provider Google Apps Multi-Factor Security Smartphones IT Plan Windows 10 Remote Computing Email Wearable Technology Audiobook Remote Monitoring and Maintenance Infrastructure Strategy Criminal Technology Data Management Thought Leadership Save Money Fiber-Optic Two-factor Authentication Data Recovery Screen Mirroring Computer Virtual Private Network Computing Infrastructure Content Filter Employer-Employee Relationship PDF NarrowBand Loyalty Virtualization Analysis Applications eWaste Hardware Content Management Data Tip of the week Google Search IT Support Business Mangement Unsupported Software Windows Meetings Access Control Gaming Console Archive Remote Work Product Reviews MSP Printer Server Phone System Comparison Techology Relocation OneNote HBO Workplace Tips Spam Blocking IT Services YouTube Automobile Business Owner Money Project Management Computer Fan

Sign up for our Newsletter!

  • Company Name *
  • First Name *
  • Last Name *