1. Welcome Guest! In order to create a new topic or reply to an existing one, you must register first. It is easy and free. Click here to sign up now!.
    Dismiss Notice

Android Adware Infects 36.5M Devices via Google Play

Discussion in 'Mobile Phones & Devices' started by starbuck, May 29, 2017.

  1. starbuck

    starbuck Rest In Peace Pete Administrator

    Joined:
    Sep 26, 2009
    Messages:
    3,830
    Location:
    Midlands, UK
    Operating System:
    Windows 10
    CPU:
    AMD Athlon II x2 250 Processor 3.00GHz
    Memory:
    8gb DDR3
    Hard Drive:
    500gb SATA
    Graphics Card:
    ASUS GeForce GTX 960 2gb
    Power Supply:
    650w PowerCool X-Viper
    More than 41 Android apps managed to bypass Google's protections in the Play Store, makes heaps of cash for devs

    87a10a2980b8893462b1f740f97d412a.png

    What is believed to be one of the largest malware campaigns on Google Play Store has been discovered by security firm Checkpoint who claims that around 36.5 million Android devices were infected with ad-ware.

    According to the report, more than 41 Android apps made by a Korean company and uploaded to the Google Play Store actually carry malicious code.
    They have managed to attract plenty of users interested in them and are making the authors loads of money by creating fake ad clicks from the infected devices.

    Developed by Korean-based Kiniwini, all the malicious apps are published under the moniker ENISTUDIO.
    They all contain an adware program that's been dubbed as Judy, used to generate fraudulent clicks in exchange for ad revenue.

    It's not just this particular developer that's running apps infected with Judy, but also other developers that inexplicably contain the same malware.

    The malware has been dubbed Judy mostly because a good part of the apps published by Kiniwi contain the name, whether it's some variation of "Fashion Judy," "Chef Judy," or "Animal Judy."

    How does it work?

    "To bypass Bouncer, Google Play’s protection, the hackers create a seemingly benign bridgehead app, meant to establish connection to the victim’s device, and insert it into the app store," Checkpoint experts explain.
    "Once a user downloads a malicious app, it silently registers receivers which establish a connection with the C&C server.
    The server replies with the actual malicious payload, which includes JavaScript code, a user-agent string and URLs controlled by the malware author
    ."

    The malware then opens the URLs using the user agent that imitates a PC browser in a hidden webpage, receives a redirection to another website, which, as soon as it launches, the malware uses the JavaScript code to locate and click on banners from the Google ads infrastructure.

    Each click brings revenue to the malware authors via the aforementioned website.


    Source:
    http://news.softpedia.com/news/android-adware-infects-36-5m-devices-via-google-play-516109.shtml
     
  2. allheart55 (Cindy E)

    allheart55 (Cindy E) Administrator Administrator

    Joined:
    Jun 11, 2009
    Messages:
    10,518
    Location:
    Pennsylvania
    Operating System:
    Windows 10
    Computer Brand or Motherboard:
    ASUS M4A77TD AM3 AMD 770 ATX AMD
    CPU:
    AMD Phenom II X6 1090T-Thuban 3.2GHz
    Memory:
    Crucial-DDR3 SDRAM 1333-8GB
    Hard Drive:
    WD Caviar Black SE HDD 640 GB - WD Caviar Black SE HDD 500 GB
    Graphics Card:
    Sapphire Radeon HD-7870 2GB
    Power Supply:
    CORSAIR CMPSU-750W
    I just read about this not even 5 minutes ago.
    It makes me glad that I have a Windows phone.
    Sometimes I get frustrated that I am unable to have the apps that android phones have easily available and then I see something like this.
     
  3. starbuck

    starbuck Rest In Peace Pete Administrator

    Joined:
    Sep 26, 2009
    Messages:
    3,830
    Location:
    Midlands, UK
    Operating System:
    Windows 10
    CPU:
    AMD Athlon II x2 250 Processor 3.00GHz
    Memory:
    8gb DDR3
    Hard Drive:
    500gb SATA
    Graphics Card:
    ASUS GeForce GTX 960 2gb
    Power Supply:
    650w PowerCool X-Viper
    Luckily I only ever download something that I need.
    I have no games etc on my phone.
    Am also covered by Eset Mobile Security.
     
  4. DSTM (Dougie)

    DSTM (Dougie) Registered Members

    Joined:
    May 3, 2009
    Messages:
    8,270
    Location:
    SYDNEY AUSTRALIA
    Operating System:
    Windows 7
    I am glad I don't have a phone that can access the internet, either Windows or Android.
    When I walk the streets, people look at me in an odd way, as if to say "Why haven't you got a phone in your hand or to your ear?"
     

Share This Page