window._mfq = window._mfq || []; (function() { var mf = document.createElement("script"); mf.type = "text/javascript"; mf.async = true; mf.src = "//cdn.mouseflow.com/projects/0148bb62-7ff8-46ae-a466-bf3fd13c7d09.js"; document.getElementsByTagName("head")[0].appendChild(mf); })();
407-478-6600    Get SUPPORT

TaylorWorks Blog

Infected Applications Removed from Google Play Store

Infected Applications Removed from Google Play Store

We all download apps. There are literally millions of apps to choose from and sometimes nefarious developers can get their application published with ulterior motives. A situation has just happened as Google has removed twenty-two apps that were found to contain automated click-fraud scripts from the Google Play Store. We’ll take a short look at what these developers were up to, and how the fraudster would affect you if you were one of the two million users that happened to download these apps.

What Apps?
First, we’ll start with a complete list of the apps that had been infested with this nefarious code:

  • Sparkle FlashLight
  • Snake Attack
  • Math Solver
  • ShapeSorter
  • Tak A Trip
  • Magnifeye
  • Join Up
  • Zombie Killer
  • Space Rocket
  • Neon Pong
  • Just Flashlight
  • Table Soccer
  • Cliff Diver
  • Box Stack
  • Jelly Slice
  • AK Blackjack
  • Color Tiles
  • Animal Match
  • Roulette Mania
  • HexaFall
  • HexaBlocks
  • PairZap

What Did These Apps Do?
SophosLabs found a cache of apps that feature what they call “Andr/Clickr-ad” malware. These applications are engineered with maximum flexibility in mind. They could contact a common attacker-controller server to download what is called an ad-fraud module. It does this every 80 seconds. The malware simply opened a non-visible window and would repeatedly click on ads, making the network look like it was getting more traffic, fraudulently enhancing the developers’ revenue.

No specific ad network was specified by Sophos, but users who had downloaded these applications would see a decrease in the battery life and/or an increase in the amount of data their device would use. One strange part of this is that some of the ad traffic was able to identify itself as from coming from iPhones, despite this appearing on Android-only apps. They came from “Apple models ranging from iPhone 5 to 8 Plus and from 249 different forged models from 33 distinct brands of Android phones.” This ploy was used as a way to increase revenues further as some advertisers will pay a premium to get their ads onto Apple devices. iOS versions of the apps, largely by the same developers, didn’t have the malicious code integrated.

Download Legit Apps
How can you go about making sure that you aren’t part of this problem? Download legitimate applications. Some of the best ways to make sure the apps you are downloading are legit, include:

  • Read a lot of reviews - Much of the information you will need to see the legitimacy of an application can be found in the review of the app in the store. If you make a point to read eight or more reviews, you will quickly get a good idea about how functional the application is.
  • Check app permissions - Applications need permission from a user to use the core functions of the phone. If the application in question tends to need access to functions that it shouldn’t, you should be skeptical about the application.
  • Check the terms and conditions - Most people don’t go through the terms and conditions of anything, let alone an application for their smartphone. Even if you do make a point to read them, the amount of legalese found is akin to a lullaby or a warm glass of milk. The problem for users is that there is a lot of good information about the applications, and specifically how it uses data. If you do set aside some time to read about it, check out some language that is relevant to the way you use the application.
  • Research the developer - Nowadays, software development is filled with people that are looking to make a name for themselves. This type of ambition can lead to bad decision making. If you take some time to do some basic research about the developer of an app you have reason to question, you’ll likely find the truth of whether they can be trusted or not. If they want to be known, they likely promote their work via social media, so, start there.

Android has millions of legitimate applications on the Google Play Store, so worrying whether or not you’ve downloaded one that will put your data at risk shouldn’t be too worrisome as long as you stick to our best practices. To learn more about technology, security, and mobile strategies, call TaylorWorks today at 407-478-6600.

Network Security Is All About Handling Threats
Protecting Your Business by Understanding IoT Secu...
 

Comments

No comments made yet. Be the first to submit a comment
Already Registered? Login Here
Guest
Wednesday, January 16 2019
If you'd like to register, please fill in the username, password and name fields.

Captcha Image

Tag Cloud

Tip of the Week Security Technology Network Security Cloud Best Practices Business Computing Managed IT Services Data Backup Privacy Hackers Hosted Solutions Malware Data Recovery Mobile Devices VoIP Email Data Google Outsourced IT Tech Term Innovation User Tips Internet Microsoft Hardware Internet of Things Cloud Computing Business Continuity Backup Saving Money Communications Business IT Services Software BDR Communication Ransomware Cybersecurity Efficiency Artificial Intelligence Smartphones Managed IT Services Cybercrime Small Business Smartphone Android IT Support Productivity Router Windows 10 Applications Chrome Network Workplace Tips Browser IT Support Disaster Recovery Business Management Phishing Computer Law Enforcement Managed IT How To Gadgets Word Information Access Control Business Intelligence Spam Blockchain Mobile Device Management Holiday Mobility Avoiding Downtime Two-factor Authentication Mobile Device Collaboration Windows Virtualization Data Security Server Data Protection Save Money Money Computers Office 365 BYOD Upgrade Bandwidth Proactive IT Social Media Social Engineering Servers Telephone Systems Managed Service Analysis Document Management Wi-Fi Remote Monitoring App Vulnerability Facebook Passwords Settings Compliance Redundancy IT Management Training Apps Productivity Firewall Connectivity Voice over Internet Protocol Software as a Service Alert Encryption Machine Learning Automation Identity Theft Miscellaneous Value Operating System Business Owner Credit Cards Update Paperless Office Smart Tech Botnet Education Bring Your Own Device Networking Employer-Employee Relationship Unified Threat Management Fraud Google Drive Keyboard Workers Human Resources Data loss Flexibility VPN Work/Life Balance Virtual Assistant Solid State Drive Infrastructure Mobile Computing OneNote Information Technology Google Docs Password Private Cloud Hacker Telephone System Data Breach Microsoft Office IT Plan Budget Windows 7 File Sharing CES Sports Scam Spam Blocking Big Data Comparison Telephony Website Unsupported Software Data Storage Content Management Specifications Mouse End of Support IoT Password Management Legal Entertainment Root Cause Analysis Electronic Medical Records IT Consultant Gmail Addiction Battery Frequently Asked Questions Strategy YouTube Skype Evernote Display Theft Thought Leadership USB Software Tips Trending FENG Wireless Help Desk PDF Remote Computing Remote Worker Health Office Tips Excel Millennials Windows 10s Administrator NIST Meetings Leadership Windows 10 Technology Tips Recycling Cache Data Management Start Menu Wireless Charging Business Technology Security Cameras Google Apps Streaming Media Recovery Physical Security Lifestyle Netflix Virtual Private Network HaaS Flash Shortcuts Authentication Data Warehousing WiFi Wiring Students Tip of the week Workforce SaaS Microchip Insurance Cryptocurrency Travel Proactive eWaste Wireless Internet Mobile Current Events Augmented Reality Content Filter Cleaning Project Management Save Time Amazon Wireless Technology Hard Drives eCommerce Fiber-Optic Nanotechnology GDPR Staff Healthcare Windows Server 2008 Telecommuting Audit Practices Safe Mode Risk Management Screen Mirroring webinar Remote Monitoring and Maintenance Criminal Wire Patch Management Warranty Computing Infrastructure Accountants HVAC Professional Services Knowledge The Internet of Things Password Manager Storage HBO Computer Care Marketing Electronic Health Records Sync Amazon Web Services Social Cables Emails E-Commerce Digital Signature Remote Work Search Engine Public Cloud Hosted Computing Cast Conferencing Line of Business Virtual Reality Samsung Printer Enterprise Content Management Tools Network Congestion Cortana Business Mangement Black Market Content Filtering Outlook Hacking Online Shopping Downtime Vendor Unified Communications Devices Instant Messaging Multi-Factor Security Charger Users Camera Worker Commute Regulations Computer Fan Managed Service Provider Bing Inventory HIPAA Government MSP Smart Office Mobile Office Books Automobile Domains Hiring/Firing How to IT solutions Printers Benefits Public Computer Worker Loyalty Fun Internet exploMicrosoft Best Practice Quick Tips Company Culture Public Speaking Troubleshooting Smart Technology Presentation Scalability Rootkit Files Lithium-ion battery Advertising Employer Employee Relationship Office Emergency Colocation Managing Stress Employee/Employer Relationship Shadow IT Hosted Solution 5G Experience Tech Support History Safety Search Utility Computing Computer Accessories IBM Relocation Content Two Factor Authentication Smartwatch CrashOverride Music Vendor Management Techology Assessment Competition Politics Bluetooth Customer Relationship Management Humor IP Address Internet Exlporer Audiobook Regulation Twitter Wearable Technology Webinar User Error Transportation Television Hybrid Cloud Video Games Customer Service

Mobile? Grab this Article!

QR-Code dieser Seite