Sneaky Android Malware Camouflaged in Kids’ Apps Committing Ad Fraud

2020-3-27 06:15

The Google Play Store has found itself in yet another malicious app scandal. This time, researchers have found a new malware nesting in several apps available on the marketplace.

Researchers from cybersecurity firm Check Point revealed in a recent blog post that they conducted an extensive search across the Play Store that yielded the discovery of several malicious apps. The post explained that most of these apps targeted children, adding that they could have infected as many as 1.7 million Android devices globally.

Tekya: Native Android Code with Antivirus Evasion

According to Check Point, all these apps were infected with Tekya— a malware that successfully evades Google Play Protect and other security measures put in place in the Play Store. The malware was found on 32 utility apps and 24 children’s games. Once a Tekya-infested app is downloaded, it commits ads fraud by leveraging Android’s MotionEvent actions, which record users’ movement with a finger or stylus across their screen to generate fake clicks.

Check Point further explained that most of the apps were written in native Android code — especially C and C++ languages — as opposed to having the usual Java underlying code. With these languages, app manufacturers can launch their apps on the Play Store without the appropriate levels of scrutiny and effectively avoid detection when they publish.

Google Constantly Roped into Malicious App Scandals

Google has found itself mired in several malicious app scandals so far; it seems almost routine for the firm. Earlier this year, Check Point confirmed that they had found two malware types — Haken and Joker — on several apps across the Play Store.

Check Point’s researchers had revealed that the malware duo was evolving in response to Google’s security checks and policies.

Over the past few months, the Joker malware has appeared in a number of mobile apps on the Play Store. The Joker is a master at billing fraud. Once a Joker-infested app is installed, the user’s account would be used to pay for premium services without authorization. It does this through a combination of SMS receivers and custom HTML parsers.

As Check Point’s researchers explained, merely removing the malicious app won’t cancel the fraudulent subscription. Instead, the victim has to reach out to the service provider and ask for a cancellation.

As for Hacken, the malware mimics the user and generates clicks on ads. Check Point pointed out that the malware had infected eight apps on Play Store, with more than 50,000 downloads already.

The post Sneaky Android Malware Camouflaged in Kids’ Apps Committing Ad Fraud appeared first on BeInCrypto.

Similar to Notcoin - TapSwap on Solana Airdrops In 2024

origin »

HEROcoin (PLAY) на Currencies.ru

$ 0.0010481 (+0.32%)

Объем 24H $3.181k

Изменеия 24h: 9.69 %, 7d: -23.33 %

Cегодня L: $0.0010481 - H: $0.0010481

Капитализация $199.092k Rank 1670

Цена в час новости $ 0.0009527 (10.01%)

apps malware store play found researchers fraud

266 +

Источник: beincrypto.com

apps malware → Результатов: 33

Hackers are Stealing Crypto Using Clipper Malware

Hackers can steal crypto payments by using a relatively new malware that replaces the receiving address between copying and pasting. Don’t CTRL+C CTRL +V According to a report from February of this year, a security researcher called Lukas Stefanko discovered that hackers had brought the so-called Clipper Malware to Google Play via infected cryptocurrency apps.

2019-12-4 12:16	malware
hackers malware ctrl clipper using crypto apps

163 +

Supply chains show their weaknesses following Avast and NordVPN attacks

Antivirus solution provider Avast and VPN service NordVPN both disclosed data breaches caused by exposed credentials that granted attackers remote access to internal systems. The twin developments come as supply chain attacks — compromising a third-party vendor with a connection to the true target — targeting security-related apps are becoming a common vector to install malware.

2019-10-22 16:20	Tech
supply malware avast attackers chain attacks attempt

288 +

Privacy-first ClearPHONE with ClearOS launches on Kickstarter

Privacy-first ClearPHONE with ClearOS launches on Kickstarter - CryptoNinjas A Clear company, ClearUnited, has announced the launch of ClearPHONE featuring the just-released ClearOS Mobile on Kickstarter.

2019-10-9 15:03
clearphone kickstarter clearos privacy-first launches type cryptoninjas

110 +

172 malicious apps with 335M+ installs found on Google Play

Google desperately needs to curb the spread of Android malware. In September alone, researchers uncovered a total of 172 infected apps on the Play Store. The worst part? These apps had racked up over 335 million installs by the time they were detected by security experts.

2019-10-1 14:43	security
play google installs malware apps software ads

308 +

Android users suckered for $100s by basic calculator and QR scanning apps

If all the different types of malware that find a way to sneak into the Google Play Store wasn’t enough, here’s another nasty surprise. A new category of apps called “Fleeceware” has been unearthed on the app distribution platform; these apps were found to abuse the Play Store policies and grossly charge users hundreds of dollars for mundane services like calculators and QR code scanners.

2019-9-26 09:30	Tech
apps app malware store play users android

211 +

2 malware-infected photo apps with 1.5M+ downloads removed from Google Play

Google has removed two malicious apps with a combined total of over 1. 5 million downloads after they were caught serving adware. The apps in question — Sun Pro Beauty Camera and Funny Sweet Beauty Selfie Camera — were also found to have “more advanced functionality than your average adware,” according to researchers at Wandera.

2019-9-23 09:00	Tech
google apps adware camera without beauty ads

178 +

VPN apps with 500M+ installs caught serving disruptive ads to Android users

Google Play Store has a malware problem. And it doesn’t seem to go away despite the company’s best efforts to rein in sketchy apps. In a yet another instance of Android adware, New Zealand-based independent security researcher Andy Michael found four Android VPN apps with cumulative downloads of over 500 million that not only serve ads while running the background, but are also placed outside the apps, including the home screen.

2019-9-20 14:53	Tech
apps vpn android ads master security free

292 +

Google purges 24 malware-ridden apps that were downloaded 500,000 times

Android just can’t seem to shake off its malware issues. A new malware campaign targeting Android has been found to engage in ad fraud at least since early June 2019. The findings, disclosed by cybersecurity firm CSIS Security Group, reveal that the malware — called Joker — is designed to surreptitiously sign users up for premium service subscriptions, in addition to stealing the victim’s SMS messages, the contact list, and device information.

2019-9-10 10:46	Tech
android google malware users found csis apps

211 +

Malware found in CamScanner’s document scanning Android app, which has over 100M downloads

Another day, another instance of Android malware found on the Google Play app store. Researchers from Kaspersky Lab said they found an app with 100 million downloads that housed a malicious module that then pushed ads or downloaded apps surreptitiously onto compromised Android devices.

2019-8-28 10:07	security
app android found camscanner malicious kaspersky researchers

206 +

Open-source spyware bypasses Google Play defenses — twice

Google Play Store continues to attract sketchy Android apps despite its best efforts to vet incoming apps for malware. In a new report published by security firm ESET, researchers have discovered the first known instance of an open-source spyware bypassing the internet giant’s app store vetting process — twice.

2019-8-22 15:57	security
google app open-source play radio spyware eset

143 +

Researcher discloses second Steam zero-day exploit after being shut out of bug bounty program

A second zero-day vulnerability has been publicly disclosed in the Steam gaming client by security researcher Vasily Kravets after he said he was banned from its bug-bounty program. The revelations come two weeks after another zero-day previously disclosed by Kravets and researcher Matt Nelson was disputed by Valve, Steam’s parent company.

2019-8-22 09:52	Tech
privilege researcher steam zero-day client escalation disclosed

178 +

Google Play hosted 205 harmful apps with over 32M installs last month alone

It seems Google is losing the battle against sketchy Android software big time. The company hosted over 205 harmful apps on the Play store in July only. The kicker: these apps were downloaded over 32 million times in total in the past month alone.

2019-8-1 17:26	security
google apps play software alone fake month

213 +

It’s 2019 and Google still can’t keep malware out of its Android app store

Google appears to have a problem with stopping malicious apps from sneaking into the Play Store. In what appears to yet another case of malware disguised as a legitimate app, security researchers from Symantec have found a new app that advertised itself as an unofficial version of Telegram messaging app — only to push malicious websites in the background.

2019-7-16 14:40	Tech
app malware google store malicious android 2019

174 +

Moonday Mornings: Elon Musk and John McAfee cryptocurrency scams are back

It’s a new week, which means only one thing: it’s time for Hard Fork’s roundup of cryptocurrency and blockchain headlines from over the weekend. Let’s get to it. 1. Security researchers from Trend Micro have uncovered a new type of cryptocurrency mining botnet.

2019-6-24 10:55	hard fork
cryptocurrency new reports israeli police hit south

293 +

Study: Google Play is riddled with thousands of data-stealing counterfeit apps

Google’s Android is facing a tough battle against malware apps, and there seems no end in sight. According to new research, Google’s Play Store is riddled with thousands of possible malware-ridden counterfeit apps and games.

2019-6-24 10:22	Tech
apps google play riddled games study thousands

156 +

As Bitcoin surges, hackers rush to spread cryptocurrency malware on Google Play

An unfortunate consequence of Bitcoin’s price revival in recent weeks is the resurgence of cryptocurrency malware on Google Play. ESET security researchers, have verified that there were at least two apps on Google Play specifically designed to steal users’ coins.

2019-5-23 13:25	hard fork
google play wallet users trezor app bitcoin

209 +

No, end-to-end encryption isn’t a marketing gimmick

There’s bad takes, and then there’s bad takes. An example of the latter comes from Bloomberg Opinion columnist Leonid Bershidsky, who thinks that today’s WhatsApp security woes proves that end-to-end encryption is “a gimmick” and “largely pointless.

2019-5-15 00:03	security
end-to-end whatsapp messaging phone apps bershidsky bad

161 +

This New Android Malware Targets 32 Crypto And 100 Bank Apps – Here’s How Not To Get Hacked

A new form of Trojan horse malware targeting Android phones, specifically with the intention of stealing crypto assets of… The post This New Android Malware Targets 32 Crypto And 100 Bank Apps – Here’s How Not To Get Hacked appeared first on Invest In Blockchain.

2019-4-1 10:15	malware
crypto malware new android get hacked 100

138 +

Android Malware Attacking Cryptocurrency and Bank Apps

Gustuff, a vicious Trojan horse created by a Russian-speaking cybercriminal known as “Bestoffer”, is now attacking Android smartphones with the sole aim of stealing users’ cryptos and fiat contained in the apps, reports TNW on March 28, 2019.

2019-3-30 00:00	security
mass android infection weapon apps gustuff attacking

167 +

Android Malware Targets Users of 32 Crypto Apps, Including Coinbase, BitPay

New strain of Trojan malware for Android phones is targeting global users of top crypto and bank apps

2019-3-30 13:31
apps android crypto malware users targeting phones

258 +

New Android malware targets 32 cryptocurrency apps and 100 international banks

A brand-new generation of Trojan horse malware for Android phones has been revealed, tailored specifically towards stealing fiat and digital assets from customers of top international banks and cryptocurrency exchanges.

2019-3-28 12:59	hard fork
gustuff malware android trojan apps cryptocurrency web

182 +

First Case of Crypto-Jacking ‘Clipper’ Malware Found on Google Play Store

A new form of cryptocurrency-stealing malware has been identified in the Google Play store. Dubbed ‘clipper’ malware, it was discovered inside an app impersonating MetaMask—a full browser extension which allows Ethereum-based apps to run on a browser without running a full Ethereum node.

2019-2-12 11:12
malware clipper play store google browser full

152 +

Warning: Imposter Apps Stealing Crypto from Unwitting Users

Malware researcher and cybersecurity expert, Lukas Stefanko just discovered something concerning in the Google Play store. Stefanko, who specializes in Android security found a MetaMask imposter that is designed to steal passwords or security phrases.

2019-2-12 01:04
imposter google play stefanko security found lukas

149 +

New Anatova Cryptocurrency Malware Found Impersonating Apps, Stronger Than Ryuk Ransomware

New Crypto Malware Found Impersonating Apps A new crypto malware called Anatova has been discovered and according to researchers, has grave potential. One of the most important facts to note about this new malware is that it often tricks users into downloading them.

2019-1-24 23:52	News
malware new crypto according apps anatova found

187 +

500,000 Android users downloaded malware made by one developer

Android malware has been on the rise over the past couple of years, we’ve just seen one of the worst attacks of this kind. ESET security researcher Lukas Stefanko found 13 apps with malware on the Play store, and said that more than 560,000 people downloaded these apps before Google took them down.

2018-11-21 14:09	Insider
malware apps android these worst said stefanko

161 +

Fake crypto wallets found on Google Play Store

On November 13, a malware researcher Lukas Stefanko reported in his blog that he had found four fake applications on Google Play Store that tried to trick users either in to luring their credentials or impersonating cryptocurrency wallets.

2018-11-15 13:32
google fake these stefanko reported found wallets

171 +

Security researcher finds Google Play app phishing for crypto exchange login details

Security and malware researcher Lukas Stefanko, who’s known for catching cryptocurrency-related scams, has recently found an app on Google’s Play Store phishing users’ credentials on conventional banking apps and cryptocurrency exchanges.

2018-11-5 13:51
app security stefanko researcher play phishing google

236 +

Google Play app caught phishing for cryptocurrency exchange login details

Despite Google’s hardline stance against malicious cryptocurrency apps, some still find ways of sneaking through its net. Security and malware researcher, Lukas Stefanko, published a video yesterday exposing how a malicious app, distributed via Google’s Play Store, steals the sensitive data from unsuspecting users.

2018-11-2 17:55	hard fork
google play app apps cryptocurrency malicious stefanko

261 +

PSA: Buggy cryptocurrency price ticker exposes Mac users’ funds to theft

Cryptocurrency ticker apps can be handy little tools for staying up-to-date with the fluctuating price of your cryptocurrency hodlings. That is, when they’re not installing backdoors that open your computer to potentially malicious attack.

2018-10-30 13:05	hard fork
cryptocurrency malwarebytes ticker two your one app

128 +

Despite Ban, 25 Google Play Apps Found to Cryptojack Users

Sophoslabs has published a report in which the company claims to have identified at least 25 Android apps published on the official Google Play store that contain script facilitating the ‘cryptojacking’ of users’ computing resources.

2018-9-27 02:15
google play apps users despite published identified

185 +

Google Play Store Removes Mining Apps from Offerings

Google just nixed any app that mines cryptocurrencies from its Play Store. With a recent update to the store’s policies, the tech monolith rewrote its stance on cryptocurrency apps.

2018-7-27 20:33	Mining
mining cryptocurrency google apps store facebook policy

347 +

Apple Prohibits Crypto Mining in Apps with New Guidelines

As crypto mining through apps becomes more prevalent Mac has had to address it in the release of their new guidelines. Mac Prohibits App Mining in New Guidelines Crypto mining is way up in 2018 with a reported 4000% increase in Q1.

2018-6-13 22:00	monero
mining guidelines crypto new prohibits apps apple

295 +

Партнеры Currencies.ru

Analogue Notcoin - TapSwap

Реклама на Currencies.ru

Самое свежее на Currencies.ru

В Google Play найдено новое фишинговое приложение для хищения данных с криптобирж

Лукас Стефанко, занимающийся поиском вредоносных программ и защитой от них, известен тем, что специализируется на мошенниках, связанных с криптовалютами. Недавно им было обнаружено фишинг-приложение в разделе Google Play Store среди обычных приложений для хищения данных у пользователей криптовалютных обменов.

2020-3-27 06:15

apps malware → Результатов: 33

2019-12-4 12:16

2019-10-22 16:20

2019-10-9 15:03

2019-10-1 14:43

2019-9-26 09:30

2019-9-23 09:00

2019-9-20 14:53

2019-9-10 10:46

2019-8-28 10:07

2019-8-22 15:57

2019-8-22 09:52

2019-8-1 17:26

2019-7-16 14:40

2019-6-24 10:55

2019-6-24 10:22

2019-5-23 13:25

2019-5-15 00:03

2019-4-1 10:15

2019-3-30 00:00

2019-3-30 13:31

2019-3-28 12:59

2019-2-12 11:12

2019-2-12 01:04

2019-1-24 23:52

2018-11-21 14:09

2018-11-15 13:32

2018-11-5 13:51

2018-11-2 17:55

2018-10-30 13:05

2018-9-27 02:15

2018-7-27 20:33

2018-6-13 22:00

Партнеры Currencies.ru

Реклама на Currencies.ru

Самое свежее на Currencies.ru

Add news: propose for publication, Submit ICO