Infracore LLC Blog

Infected Applications Removed from Google Play Store

Infected Applications Removed from Google Play Store

We all download apps. There are literally millions of apps to choose from and sometimes nefarious developers can get their application published with ulterior motives. A situation has just happened as Google has removed twenty-two apps that were found to contain automated click-fraud scripts from the Google Play Store. We’ll take a short look at what these developers were up to, and how the fraudster would affect you if you were one of the two million users that happened to download these apps.

What Apps?
First, we’ll start with a complete list of the apps that had been infested with this nefarious code:

  • Sparkle FlashLight
  • Snake Attack
  • Math Solver
  • ShapeSorter
  • Tak A Trip
  • Magnifeye
  • Join Up
  • Zombie Killer
  • Space Rocket
  • Neon Pong
  • Just Flashlight
  • Table Soccer
  • Cliff Diver
  • Box Stack
  • Jelly Slice
  • AK Blackjack
  • Color Tiles
  • Animal Match
  • Roulette Mania
  • HexaFall
  • HexaBlocks
  • PairZap

What Did These Apps Do?
SophosLabs found a cache of apps that feature what they call “Andr/Clickr-ad” malware. These applications are engineered with maximum flexibility in mind. They could contact a common attacker-controller server to download what is called an ad-fraud module. It does this every 80 seconds. The malware simply opened a non-visible window and would repeatedly click on ads, making the network look like it was getting more traffic, fraudulently enhancing the developers’ revenue.

No specific ad network was specified by Sophos, but users who had downloaded these applications would see a decrease in the battery life and/or an increase in the amount of data their device would use. One strange part of this is that some of the ad traffic was able to identify itself as from coming from iPhones, despite this appearing on Android-only apps. They came from “Apple models ranging from iPhone 5 to 8 Plus and from 249 different forged models from 33 distinct brands of Android phones.” This ploy was used as a way to increase revenues further as some advertisers will pay a premium to get their ads onto Apple devices. iOS versions of the apps, largely by the same developers, didn’t have the malicious code integrated.

Download Legit Apps
How can you go about making sure that you aren’t part of this problem? Download legitimate applications. Some of the best ways to make sure the apps you are downloading are legit, include:

  • Read a lot of reviews - Much of the information you will need to see the legitimacy of an application can be found in the review of the app in the store. If you make a point to read eight or more reviews, you will quickly get a good idea about how functional the application is.
  • Check app permissions - Applications need permission from a user to use the core functions of the phone. If the application in question tends to need access to functions that it shouldn’t, you should be skeptical about the application.
  • Check the terms and conditions - Most people don’t go through the terms and conditions of anything, let alone an application for their smartphone. Even if you do make a point to read them, the amount of legalese found is akin to a lullaby or a warm glass of milk. The problem for users is that there is a lot of good information about the applications, and specifically how it uses data. If you do set aside some time to read about it, check out some language that is relevant to the way you use the application.
  • Research the developer - Nowadays, software development is filled with people that are looking to make a name for themselves. This type of ambition can lead to bad decision making. If you take some time to do some basic research about the developer of an app you have reason to question, you’ll likely find the truth of whether they can be trusted or not. If they want to be known, they likely promote their work via social media, so, start there.

Android has millions of legitimate applications on the Google Play Store, so worrying whether or not you’ve downloaded one that will put your data at risk shouldn’t be too worrisome as long as you stick to our best practices. To learn more about technology, security, and mobile strategies, call Infracore LLC today at (858) 509-1970.

An IT Christmas Carol
Tip of the Week: Locating a Misplaced Smartphone
 

Comments

No comments made yet. Be the first to submit a comment
Already Registered? Login Here
Guest
Friday, March 22 2019

Captcha Image

Tag Cloud

Tip of the Week Security Technology Best Practices Privacy Cloud Business computing Google Hosted Solutions Network Security Productivity Malware Software Data User Tips Hackers Innovation Microsoft Internet Smartphones Business Hardware Email Tech Term Mobile Devices Backup Workplace Tips Browser Business Continuity VoIP Communications Smartphone Data Backup Android Efficiency IT Services Windows 10 Business Management Cloud Computing Computer Outsourced IT Managed IT Services Disaster Recovery Small Business Alert Data Recovery Managed IT Services Computers Windows 10 Miscellaneous Office Artificial Intelligence Router Communication Ransomware Chrome Law Enforcement Cybercrime Internet of Things Windows Network IT Support Cybersecurity Gadgets Office 365 Password Applications Facebook Virtualization Quick Tips How To Mobile Device Productivity Telephone Systems Money Holiday Passwords Health Server Collaboration Social Media Private Cloud Social Engineering Wi-Fi Google Drive Spam Automation Saving Money Upgrade Information Work/Life Balance App Word Hacking Encryption Scam Data Breach Connectivity Vulnerability Mobility Settings BDR Paperless Office Mobile Device Management Apps Bring Your Own Device Save Money HaaS Office Tips Managed Service Data Protection Phishing Voice over Internet Protocol Operating System IT Support Data Security Keyboard Microsoft Office Two-factor Authentication Government Update Flexibility Identity Theft Remote Monitoring Software as a Service Infrastructure Cleaning Managed IT Legal Worker Telephony Public Cloud Windows 7 Big Data Automobile Computer Care Augmented Reality Botnet VPN BYOD Human Resources Fraud Access Control Cryptocurrency Google Docs Data Management Data Storage End of Support Electronic Medical Records Servers Samsung Meetings Bandwidth Training OneNote Comparison History IT Management Entertainment Marketing Website Redundancy CES Spam Blocking USB Value Avoiding Downtime Firewall Machine Learning Networking Battery IT Plan PDF Virtual Assistant Content Management Save Time Employer-Employee Relationship Remote Computing Charger Business Intelligence Unsupported Software Managed Service Provider Telephone System Blockchain Patch Management Sports Password Management Security Cameras Windows 10s Windows Server 2008 eWaste Monitor SaaS Mobile Computing Screen Mirroring Hosted Computing Two Factor Authentication Scalability Knowledge HBO Cache Experience Computing Infrastructure File Sharing Business Technology Root Cause Analysis Millennials Smart Office Administrator Conferencing Software Tips Evernote Risk Management Proactive IT FENG Multi-Factor Security HIPAA Inventory Wireless Hiring/Firing NIST Hacker WiFi Criminal Camera Cast Credit Cards Humor Internet Exlporer Network Congestion Shortcuts Outlook Password Manager Music Workforce Transportation Best Practice Document Management Safety Microchip Emails Wireless Charging Devices Politics Rootkit Net Neutrality Trending Skype Files Hybrid Cloud Employer Employee Relationship Smartwatch Solid State Drive Flash Data storage Books Assessment Information Technology IT Consultant Social Frequently Asked Questions Business Mangement Wearable Technology Techology Users Remote Worker Travel Accountants Benefits Content Search Engine Cortana Thought Leadership ISP Start Menu Staff Amazon Authentication Apple Computer Accessories Search Safe Mode Employee Audit Wireless Internet Television Warranty Internet exploMicrosoft Instant Messaging HVAC Leadership Vendor Excel Gmail Virtual Reality Wiring Telecommuting Video Games Audiobook Bing IT solutions Physical Security Google Apps Vendor Management Cryptomining Specifications Tools Amazon Web Services Nanotechnology iPhone Bluetooth How to Digital Signage Computer Fan Sync Emergency Wire Public Computer Printer Advertising Enterprise Content Management Display Recovery Tip of the week Recycling Troubleshooting Loyalty Worker Commute Unified Threat Management Data loss Remote Work Practices Smart Technology YouTube Current Events Help Desk Workers Addiction Education MSP Database Downtime Digital Signature Relocation User Error Mouse webinar Online Shopping Smart Tech Black Market Google Search The Internet of Things Company Culture Compliance Managing Stress Biometric Security Regulation Printers Webinar Twitter Thank You CrashOverride Congratulations

Recent Comments

Thaddeus Greer Can Chargers Be Interchanged Between Devices?
21 March 2019
The infracore is known as the heart of the information technology all over the world and the issue d...
AngusCousens What is Encryption, Anyways?
19 March 2019
When we hold the computer the basic and stylish accessories with the desktop is the requirement of e...
Kevyn Hawkins In the Midst of Chaotic Financial Markets, Technology Remains a Constant
15 March 2019
For the finance market we have to read this blog really and very carefully for the chapter of the pa...
Micheal williams Tip of the Week: Improve Email Open Rates With an Attention-Grabbing Title
15 March 2019
In this modern world, technology has changed the world and even it has created many chances to creat...
Maddison Franklin Tip of the Week: Improve Email Open Rates With an Attention-Grabbing Title
14 March 2019
IT is the heart of technology all over the world and there are many ease by the use of this technolo...