094 90 48200     Get SUPPORT

Aniar IT Services Blog

Infected Applications Removed from Google Play Store

Infected Applications Removed from Google Play Store

We all download apps. There are literally millions of apps to choose from and sometimes nefarious developers can get their application published with ulterior motives. A situation has just happened as Google has removed twenty-two apps that were found to contain automated click-fraud scripts from the Google Play Store. We’ll take a short look at what these developers were up to, and how the fraudster would affect you if you were one of the two million users that happened to download these apps.

What Apps?
First, we’ll start with a complete list of the apps that had been infested with this nefarious code:

  • Sparkle FlashLight
  • Snake Attack
  • Math Solver
  • ShapeSorter
  • Tak A Trip
  • Magnifeye
  • Join Up
  • Zombie Killer
  • Space Rocket
  • Neon Pong
  • Just Flashlight
  • Table Soccer
  • Cliff Diver
  • Box Stack
  • Jelly Slice
  • AK Blackjack
  • Color Tiles
  • Animal Match
  • Roulette Mania
  • HexaFall
  • HexaBlocks
  • PairZap

What Did These Apps Do?
SophosLabs found a cache of apps that feature what they call “Andr/Clickr-ad” malware. These applications are engineered with maximum flexibility in mind. They could contact a common attacker-controller server to download what is called an ad-fraud module. It does this every 80 seconds. The malware simply opened a non-visible window and would repeatedly click on ads, making the network look like it was getting more traffic, fraudulently enhancing the developers’ revenue.

No specific ad network was specified by Sophos, but users who had downloaded these applications would see a decrease in the battery life and/or an increase in the amount of data their device would use. One strange part of this is that some of the ad traffic was able to identify itself as from coming from iPhones, despite this appearing on Android-only apps. They came from “Apple models ranging from iPhone 5 to 8 Plus and from 249 different forged models from 33 distinct brands of Android phones.” This ploy was used as a way to increase revenues further as some advertisers will pay a premium to get their ads onto Apple devices. iOS versions of the apps, largely by the same developers, didn’t have the malicious code integrated.

Download Legit Apps
How can you go about making sure that you aren’t part of this problem? Download legitimate applications. Some of the best ways to make sure the apps you are downloading are legit, include:

  • Read a lot of reviews - Much of the information you will need to see the legitimacy of an application can be found in the review of the app in the store. If you make a point to read eight or more reviews, you will quickly get a good idea about how functional the application is.
  • Check app permissions - Applications need permission from a user to use the core functions of the phone. If the application in question tends to need access to functions that it shouldn’t, you should be skeptical about the application.
  • Check the terms and conditions - Most people don’t go through the terms and conditions of anything, let alone an application for their smartphone. Even if you do make a point to read them, the amount of legalese found is akin to a lullaby or a warm glass of milk. The problem for users is that there is a lot of good information about the applications, and specifically how it uses data. If you do set aside some time to read about it, check out some language that is relevant to the way you use the application.
  • Research the developer - Nowadays, software development is filled with people that are looking to make a name for themselves. This type of ambition can lead to bad decision making. If you take some time to do some basic research about the developer of an app you have reason to question, you’ll likely find the truth of whether they can be trusted or not. If they want to be known, they likely promote their work via social media, so, start there.

Android has millions of legitimate applications on the Google Play Store, so worrying whether or not you’ve downloaded one that will put your data at risk shouldn’t be too worrisome as long as you stick to our best practices. To learn more about technology, security, and mobile strategies, call Aniar IT Services today at 094 90 48200 .

An IT Christmas Carol
Tip of the Week: Locating a Misplaced Smartphone


No comments made yet. Be the first to submit a comment
Already Registered? Login Here
Monday, March 18 2019

Captcha Image

Mobile? Grab this Article!

QR-Code dieser Seite

Tag Cloud

Tip of the Week Security Technology Best Practices Privacy Business Computing Google User Tips Cloud Tech Term Email Data Backup Hosted Solutions Mobile Devices Microsoft Data Data Recovery Productivity Network Security Innovation Hardware Internet VoIP Cloud Computing Hackers Workplace Tips Malware Communication IT Services Windows 10 Smartphone Communications Efficiency Internet of Things IT Support Android Artificial Intelligence Managed IT Services Browser Backup Smartphones Business Windows Network Business Management Router Small Business Software Cybersecurity Chrome How To Word Cybercrime Computer Collaboration Mobile Device Applications BDR Gadgets Outsourced IT Office 365 Business Continuity Computers Saving Money Information Spam Server Mobile Device Management Holiday Managed Service Two-factor Authentication Vulnerability Ransomware Paperless Office Passwords Connectivity Money Encryption Facebook Settings Miscellaneous Data Security Data Protection Social Engineering Virtual Assistant Avoiding Downtime Spam Blocking Wi-Fi Identity Theft Phishing Comparison Bring Your Own Device Save Money Augmented Reality Operating System IT Management App Google Docs Law Enforcement BYOD Sports Telephone System Meetings Access Control Apps CES Telephony Google Drive Microsoft Office Managed IT Fraud Scam Business Intelligence Human Resources Update Infrastructure Machine Learning IT Plan Content Management Cryptocurrency Remote Monitoring Keyboard Private Cloud Software as a Service Website Botnet OneNote VPN Disaster Recovery Windows 7 Virtualization Password Unsupported Software Blockchain Upgrade Managed IT services Automation Social Media Redundancy Voice over Internet Protocol Data Storage Telephone Systems Software Tips HIPAA USB Smartwatch Frequently Asked Questions Recovery Wireless Charging Inventory Document Management Camera Start Menu Criminal Enterprise Content Management Mobility Wiring Business Technology Sync Multi-Factor Security Search Engine Millennials FENG Digital Signature Proactive IT WiFi Cortana Alert Business Mangement Smart Tech Electronic Medical Records Wire Health Excel Google Apps Addiction Password Management Social Online Shopping Firewall Servers Bing Value Workforce Credit Cards PDF MSP Net Neutrality Flash Gmail Specifications Solid State Drive Data Management Employee Tip of the week Workers Entertainment Warranty NIST Vendor The Internet of Things Downtime Evernote Cleaning Unified Threat Management Hacker Trending Windows 10s HVAC Help Desk File Sharing ISP HaaS Screen Mirroring Recycling Devices Audit Physical Security Digital Signage Windows Server 2008 Employer-Employee Relationship Authentication Printer Cache Display Big Data HBO Root Cause Analysis Practices Mobile Computing Thought Leadership Telecommuting Amazon Training Cryptomining Cast eWaste Staff Google Search Computer Care Bandwidth YouTube Mouse Public Cloud Wireless Internet Safe Mode Security Cameras Outlook Government Charger Hosted Computing Smart Office Quick Tips Skype Legal Networking Shortcuts Travel Remote Work Amazon Web Services Accountants Remote Worker Database Tools Work/Life Balance Computer Fan Save Time Patch Management Data loss Password Manager Nanotechnology Microchip Windows 10 Twitter Public Speaking CrashOverride Presentation Managing Stress Printers Lithium-ion battery Managed Service Provider Wireless Technology 5G Tech Support Safety IBM Hiring/Firing Productivity Marketing Fun Budget Competition Compliance Customer Relationship Management IP Address Users Emergency Regulation Customer Service Hard Drives Mobile Office Domains Search Wireless Company Culture