Infracore LLC Blog

Infected Applications Removed from Google Play Store

Infected Applications Removed from Google Play Store

We all download apps. There are literally millions of apps to choose from and sometimes nefarious developers can get their application published with ulterior motives. A situation has just happened as Google has removed twenty-two apps that were found to contain automated click-fraud scripts from the Google Play Store. We’ll take a short look at what these developers were up to, and how the fraudster would affect you if you were one of the two million users that happened to download these apps.

What Apps?
First, we’ll start with a complete list of the apps that had been infested with this nefarious code:

  • Sparkle FlashLight
  • Snake Attack
  • Math Solver
  • ShapeSorter
  • Tak A Trip
  • Magnifeye
  • Join Up
  • Zombie Killer
  • Space Rocket
  • Neon Pong
  • Just Flashlight
  • Table Soccer
  • Cliff Diver
  • Box Stack
  • Jelly Slice
  • AK Blackjack
  • Color Tiles
  • Animal Match
  • Roulette Mania
  • HexaFall
  • HexaBlocks
  • PairZap

What Did These Apps Do?
SophosLabs found a cache of apps that feature what they call “Andr/Clickr-ad” malware. These applications are engineered with maximum flexibility in mind. They could contact a common attacker-controller server to download what is called an ad-fraud module. It does this every 80 seconds. The malware simply opened a non-visible window and would repeatedly click on ads, making the network look like it was getting more traffic, fraudulently enhancing the developers’ revenue.

No specific ad network was specified by Sophos, but users who had downloaded these applications would see a decrease in the battery life and/or an increase in the amount of data their device would use. One strange part of this is that some of the ad traffic was able to identify itself as from coming from iPhones, despite this appearing on Android-only apps. They came from “Apple models ranging from iPhone 5 to 8 Plus and from 249 different forged models from 33 distinct brands of Android phones.” This ploy was used as a way to increase revenues further as some advertisers will pay a premium to get their ads onto Apple devices. iOS versions of the apps, largely by the same developers, didn’t have the malicious code integrated.

Download Legit Apps
How can you go about making sure that you aren’t part of this problem? Download legitimate applications. Some of the best ways to make sure the apps you are downloading are legit, include:

  • Read a lot of reviews - Much of the information you will need to see the legitimacy of an application can be found in the review of the app in the store. If you make a point to read eight or more reviews, you will quickly get a good idea about how functional the application is.
  • Check app permissions - Applications need permission from a user to use the core functions of the phone. If the application in question tends to need access to functions that it shouldn’t, you should be skeptical about the application.
  • Check the terms and conditions - Most people don’t go through the terms and conditions of anything, let alone an application for their smartphone. Even if you do make a point to read them, the amount of legalese found is akin to a lullaby or a warm glass of milk. The problem for users is that there is a lot of good information about the applications, and specifically how it uses data. If you do set aside some time to read about it, check out some language that is relevant to the way you use the application.
  • Research the developer - Nowadays, software development is filled with people that are looking to make a name for themselves. This type of ambition can lead to bad decision making. If you take some time to do some basic research about the developer of an app you have reason to question, you’ll likely find the truth of whether they can be trusted or not. If they want to be known, they likely promote their work via social media, so, start there.

Android has millions of legitimate applications on the Google Play Store, so worrying whether or not you’ve downloaded one that will put your data at risk shouldn’t be too worrisome as long as you stick to our best practices. To learn more about technology, security, and mobile strategies, call Infracore LLC today at (858) 509-1970.

An IT Christmas Carol
Tip of the Week: Locating a Misplaced Smartphone


No comments made yet. Be the first to submit a comment
Already Registered? Login Here
Friday, January 18 2019

Captcha Image

Tag Cloud

Tip of the Week Security Technology Best Practices Privacy Cloud Business computing Google Network Security Hosted Solutions Hackers Microsoft Data Malware Software Innovation User Tips Hardware Business Backup Internet Tech Term Smartphones Mobile Devices Browser Business Continuity Smartphone Email Data Backup Windows 10 Productivity VoIP Computer Android IT Services Outsourced IT Business Management Cloud Computing Managed IT Services Alert Workplace Tips Communications Data Recovery Disaster Recovery Small Business Miscellaneous Office Efficiency Communication Artificial Intelligence Computers Router Managed IT Services Ransomware Chrome Windows 10 Cybercrime Network Law Enforcement Office 365 How To Productivity Password Applications Money Facebook Virtualization Windows Passwords Social Media Internet of Things IT Support Telephone Systems Holiday Collaboration Cybersecurity Saving Money Quick Tips Spam Upgrade Wi-Fi Information Health Mobile Device Work/Life Balance Gadgets Social Engineering Word Server Google Drive App Automation Hacking Vulnerability Voice over Internet Protocol Settings Scam Data Breach Mobility Two-factor Authentication Mobile Device Management Connectivity Managed Service Apps Bring Your Own Device Phishing HaaS Private Cloud Save Money Data Security BDR Office Tips IT Support Keyboard Microsoft Office Data Protection Flexibility Windows 7 Content Management Cleaning End of Support Botnet BYOD Worker Legal History Business Intelligence Automobile Blockchain Big Data Data Storage Update Computer Care Servers Identity Theft Infrastructure Paperless Office OneNote Encryption Data Management Redundancy PDF IT Management Spam Blocking Samsung Avoiding Downtime Electronic Medical Records Training Machine Learning VPN Bandwidth Entertainment Human Resources Marketing Virtual Assistant Managed Service Provider IT Plan Operating System Google Docs USB Value Government Fraud Access Control Firewall Networking Battery Unsupported Software Sports Comparison Telephone System Website CES Public Cloud Remote Monitoring Employer-Employee Relationship Charger Remote Computing Software as a Service Managed IT Telephony Patch Management Camera Data storage SaaS NIST Hacker Hybrid Cloud Cast Amazon Web Services Nanotechnology Augmented Reality Recovery Outlook Recycling Experience Scalability Shortcuts Remote Work Practices Two Factor Authentication Knowledge Computing Infrastructure Emails Workers Addiction Risk Management Document Management Microchip Skype Digital Signature Hiring/Firing Solid State Drive Flash Wireless Cryptocurrency Apple Online Shopping Smart Tech Remote Worker Frequently Asked Questions eWaste Music Social Internet exploMicrosoft Meetings Travel Hosted Computing Network Congestion Cache Politics Rootkit Best Practice Search Engine Millennials Start Menu Transportation Safety Employer Employee Relationship Wireless Internet Warranty Audit Multi-Factor Security HIPAA Books Assessment Safe Mode iPhone Evernote Users Wiring WiFi Excel Criminal Wearable Technology Information Technology HVAC Vendor Advertising Credit Cards Inventory IT Consultant Techology IT solutions Physical Security Password Manager Content Bing Relocation User Error Workforce Tools Benefits Wireless Charging Devices Computer Accessories Wire Printer Computer Fan Trending Sync Television Search Virtual Reality Unified Threat Management Monitor Tip of the week Instant Messaging Enterprise Content Management Display Data loss Leadership MSP Business Mangement Vendor Management Video Games Audiobook YouTube Help Desk Downtime Accountants Cortana Thought Leadership Bluetooth Mouse The Internet of Things Staff Emergency Public Computer How to webinar Worker Commute Mobile Computing Windows 10s Windows Server 2008 Troubleshooting Loyalty Password Management Security Cameras Screen Mirroring Amazon Authentication Save Time File Sharing HBO Gmail Humor Internet Exlporer Root Cause Analysis Telecommuting Smart Technology Current Events Education Conferencing Software Tips Google Apps Smart Office Administrator Files FENG Specifications Black Market Managing Stress Regulation Printers Smartwatch Thank You Webinar Congratulations CrashOverride Company Culture Twitter Compliance

Mobile? Grab this Article!

QR-Code dieser Seite

Recent Comments

AngusCousens Preventing Identity Theft Should be a Priority, But Do You Know How to Handle It?
27 December 2018
What a good story you have written and I feel good reading about your story and we should share thin...
George Nivison Bring Your Own Device Is Great...When Applied Properly
21 December 2018
If you think you device get slow then try once again for the device sharing speed with the connectin...
Chantale Bass Tip of the Week: How to Use Tabs to Their Full Potential
15 December 2018
Tabs we need to use only with the ways of the potentially uses from the internet use and also for th...
JoseSClark How You Can Get Microsoft Office Certified
14 December 2018
Many users want to get Microsoft Office certified for theirselve and it was a good post for them. Re...
Donna Brock 3 Significant Ways the Cloud Can Grow Your Business
13 December 2018
In every field of life technology have a big name and now technology provide the facility to save yo...