window._mfq = window._mfq || []; (function() { var mf = document.createElement("script"); mf.type = "text/javascript"; mf.async = true; mf.src = "//"; document.getElementsByTagName("head")[0].appendChild(mf); })();
407-478-6600    Get SUPPORT

TaylorWorks Blog

Infected Applications Removed from Google Play Store

Infected Applications Removed from Google Play Store

We all download apps. There are literally millions of apps to choose from and sometimes nefarious developers can get their application published with ulterior motives. A situation has just happened as Google has removed twenty-two apps that were found to contain automated click-fraud scripts from the Google Play Store. We’ll take a short look at what these developers were up to, and how the fraudster would affect you if you were one of the two million users that happened to download these apps.

What Apps?
First, we’ll start with a complete list of the apps that had been infested with this nefarious code:

  • Sparkle FlashLight
  • Snake Attack
  • Math Solver
  • ShapeSorter
  • Tak A Trip
  • Magnifeye
  • Join Up
  • Zombie Killer
  • Space Rocket
  • Neon Pong
  • Just Flashlight
  • Table Soccer
  • Cliff Diver
  • Box Stack
  • Jelly Slice
  • AK Blackjack
  • Color Tiles
  • Animal Match
  • Roulette Mania
  • HexaFall
  • HexaBlocks
  • PairZap

What Did These Apps Do?
SophosLabs found a cache of apps that feature what they call “Andr/Clickr-ad” malware. These applications are engineered with maximum flexibility in mind. They could contact a common attacker-controller server to download what is called an ad-fraud module. It does this every 80 seconds. The malware simply opened a non-visible window and would repeatedly click on ads, making the network look like it was getting more traffic, fraudulently enhancing the developers’ revenue.

No specific ad network was specified by Sophos, but users who had downloaded these applications would see a decrease in the battery life and/or an increase in the amount of data their device would use. One strange part of this is that some of the ad traffic was able to identify itself as from coming from iPhones, despite this appearing on Android-only apps. They came from “Apple models ranging from iPhone 5 to 8 Plus and from 249 different forged models from 33 distinct brands of Android phones.” This ploy was used as a way to increase revenues further as some advertisers will pay a premium to get their ads onto Apple devices. iOS versions of the apps, largely by the same developers, didn’t have the malicious code integrated.

Download Legit Apps
How can you go about making sure that you aren’t part of this problem? Download legitimate applications. Some of the best ways to make sure the apps you are downloading are legit, include:

  • Read a lot of reviews - Much of the information you will need to see the legitimacy of an application can be found in the review of the app in the store. If you make a point to read eight or more reviews, you will quickly get a good idea about how functional the application is.
  • Check app permissions - Applications need permission from a user to use the core functions of the phone. If the application in question tends to need access to functions that it shouldn’t, you should be skeptical about the application.
  • Check the terms and conditions - Most people don’t go through the terms and conditions of anything, let alone an application for their smartphone. Even if you do make a point to read them, the amount of legalese found is akin to a lullaby or a warm glass of milk. The problem for users is that there is a lot of good information about the applications, and specifically how it uses data. If you do set aside some time to read about it, check out some language that is relevant to the way you use the application.
  • Research the developer - Nowadays, software development is filled with people that are looking to make a name for themselves. This type of ambition can lead to bad decision making. If you take some time to do some basic research about the developer of an app you have reason to question, you’ll likely find the truth of whether they can be trusted or not. If they want to be known, they likely promote their work via social media, so, start there.

Android has millions of legitimate applications on the Google Play Store, so worrying whether or not you’ve downloaded one that will put your data at risk shouldn’t be too worrisome as long as you stick to our best practices. To learn more about technology, security, and mobile strategies, call TaylorWorks today at 407-478-6600.

Network Security Is All About Handling Threats
Protecting Your Business by Understanding IoT Secu...


No comments made yet. Be the first to submit a comment
Already Registered? Login Here
Tuesday, March 26 2019
If you'd like to register, please fill in the username, password and name fields.

Captcha Image

Tag Cloud

Tip of the Week Security Technology Network Security Best Practices Cloud Business Computing Data Backup Privacy Hosted Solutions Managed IT Services Hackers Malware Data Recovery Email Mobile Devices VoIP Data Google User Tips Productivity Internet of Things Outsourced IT Innovation Tech Term Communications Internet Backup Efficiency Hardware IT Services Microsoft Cloud Computing Business Continuity Software Saving Money Cybersecurity Business Artificial Intelligence Workplace Tips BDR Ransomware Smartphones Business Management Communication Small Business Android IT Support Router Disaster Recovery Managed IT Services Windows 10 Cybercrime Smartphone IT Support Network Phishing Applications Chrome Gadgets Browser Encryption Computer Mobile Device Collaboration Windows Law Enforcement How To Managed IT Server BYOD Data Security Spam Proactive IT Mobile Device Management Holiday Data Protection Two-factor Authentication Mobility Avoiding Downtime Access Control Blockchain Training Virtualization Word Information Business Intelligence Save Money Computers Office 365 Money Miscellaneous Managed Service Alert Upgrade Business Technology Automation Connectivity Social Media File Sharing Operating System IT Management Redundancy Bandwidth Telephone Systems Social Engineering Machine Learning Wi-Fi Voice over Internet Protocol Software as a Service Document Management Passwords Remote Monitoring Paperless Office Vulnerability App Apps Settings Facebook Productivity Identity Theft Analysis Compliance Firewall Private Cloud Servers Spam Blocking Virtual Private Network Fraud Data loss Mobile Computing CES Value Sports Manufacturing Google Docs Virtual Assistant Remote Computing Business Owner Content Management Health Education Bring Your Own Device IT Plan Unified Threat Management Telephone System Networking Employer-Employee Relationship Workers Keyboard Augmented Reality Windows 7 Google Drive Comparison Unsupported Software Telephony Smart Tech Work/Life Balance Data Storage Solid State Drive OneNote Flexibility Save Time Hacker Information Technology Microsoft Office Human Resources Password Budget Cryptocurrency Update Infrastructure Big Data Credit Cards VPN Data Breach Meetings Botnet Website Healthcare Scam Administrator Physical Security Lifestyle Criminal Samsung Wire Black Market Content Filtering Google Search Start Menu Wireless Charging Practices Network Congestion Public Cloud Safe Mode Logistics Data Warehousing WiFi Password Manager Charger Cortana Storage Instant Messaging Security Cameras Flash Accountants HVAC Downtime Hacking Travel Cables HIPAA Shortcuts Tip of the week Workforce Digital Signature Electronic Health Records Computer Fan Worker Commute Wiring Backup and Disaster Recovery Legal Entertainment Wireless Microchip Battery Proactive Net Neutrality Mobile Electronic Medical Records Managed Service Provider Hosted Computing IT Consultant Project Management Business Mangement USB Windows 10 Employee/Employer Relationship Amazon End of Support Enterprise Content Management Screen Mirroring Unified Communications Devices eCommerce Windows Server 2008 Telecommuting FENG GDPR Cryptomining Inventory Leadership PDF HBO Smart Office Windows 10s Office Tips Remote Monitoring and Maintenance ISP Professional Services Warranty Biometric Security Gmail Technology Tips Addiction Netflix Quick Tips Recovery Smartwatch Sync Amazon Web Services IoT Password Management Data Management Cast Theft Thought Leadership Social Remote Work Strategy YouTube HaaS E-Commerce Database Wireless Technology Search Engine Outlook SaaS Line of Business File Versioning Tools Printer Multi-Factor Security Recycling Cleaning Cache Employee Online Shopping Current Events NIST Government Google Apps Streaming Media The Internet of Things Vendor Regulations Marketing Camera Hard Drives Authentication webinar Risk Management Bing Frequently Asked Questions Specifications Students Audit Patch Management MSP Multiple Versions Root Cause Analysis Mouse Software Tips Trending eWaste Computer Care Wireless Internet Digital Signage Skype Evernote Insurance Knowledge Distribution Vendor Management Content Filter Emails Display Computing Infrastructure Fiber-Optic Nanotechnology Conferencing Help Desk Excel Millennials Staff Virtual Reality Users Remote Worker Restore Data Audiobook Humor Customer Service Webinar Wearable Technology Internet Exlporer Mobile Office Video Games Domains Television User Error Transportation Books Hybrid Cloud Twitter IT solutions How to Automobile Worker Hiring/Firing Public Speaking Public Computer Benefits Best Practice Presentation Utility Computing Loyalty Lithium-ion battery Troubleshooting Fun Internet exploMicrosoft Rootkit Scalability Smart Technology Employer Employee Relationship 5G Files Emergency Tech Support Safety Office Shadow IT Hosted Solution IBM Regulation Advertising Analytics Experience Colocation Company Culture Computer Accessories History Competition Relocation Customer Relationship Management Two Factor Authentication Search Content Printers Music Managing Stress CrashOverride IP Address Bluetooth Politics Assessment Techology

Mobile? Grab this Article!

QR-Code dieser Seite