BREAKING NEWS!

How you we love to download games onto to our mobile devices and spend time playing them every chance we get.  However, we sometimes download more than we bargain for.  We think that the apps we download from legitimate websites such as Google Play Store is safe. Well, not quite.

The mobile market has seen a drastic growth in malicious adware (see Definition).  Adware is considered the most prevalent mobile threat in the world.  It has been found, yet again, that Google Play Store was offering malicious apps that have affected millions of Android users with Adware.

Adware may not seem dangerous as it automatically downloads or displays advertising materials like banners or pop-ups when a user is online.  Yet, adware could pose as a threat to users.  How? By gathering personal information like phone numbers, email addresses, or your login credentials to banking sites (if you carry out online banking transactions on your mobile devices, which is definitely NOT RECOMMENDED) and much more.  By clicking on those ads, you can inadvertently, download malware (see Definition) or be re-directed to malicious web pages.

Back to Google Play Store, security firm Avast has found that three popular gaming apps that infect users device with adware when installed.  Unfortunately, these gaming apps have been downloaded over a million times.  Now that’s scary!  The three gaming apps are, “Durak” card game, “IQ Test” app and “Russian History” app.  According to data from Google Play Store, Durak card game has been downloaded 5 to 10 million times.   Together with the other two apps, a total of 15 million installs has taken place.  Interestingly, all three apps are from different developers, but has the same malicious software installed.  Are the three developers working hand-in-hand? Who knows?

Once the malicious apps are installed on users’ Android smartphones, advertisements disguised as warning messages are displayed.  As reported by Avast researcher Filip Chytry, “When you install Durak, it seems to be a completely normal and well working gaming app. This was the same for the other apps, which included an IQ test and a history app. This impression remains until you reboot your device and wait for a couple of days. After a week, you might start to feel there is something wrong with your device.“

After 30 days, “Bam”!  Users will start seeing ads appear every time they unlock their devices.  The ads will warn the user that their device has been infected or full of porn or is out of date.  Don’t fall for this ruse.  If you do and take action like clicking on the “Update” button, you will be re-directed to fake pages that contain harmful threats such as malicious apps, or apps that attempt to send premium SMS with your knowledge or even apps that collect too much personal data from your smartphones.

Surprisingly, users were directed to security apps on Google Play Store which were deemed harmless.  The question is would security providers use adware to promote their apps?  Installing these security apps does not stop the undesirable apps from popping up on your phone.

Google has since pulled these malicious apps from its store, but what is to stop unscrupulous people from uploading similar apps in the future, or even as you read this, more of such malicious apps could have found their place in Google Play Store or other such legitimate app stores.

 

Definition

1. Adware – advertising-supported software, is any software package which automatically renders advertisements to generate revenue for its author.  Unfortunately, cyber criminals have taken advantage of adware to proliferate malicious malware.
2. Malware – malicious software that is used to disrupt computer operation, gather sensitive information, or to gain access to computer systems.  “Malware” is the general term covering different types of threats such as viruses, worms, trojans, spyware, rootkits and the likes.

 

Source

1. The Hacker News.
2. Adware image from Threat Post.
3. Avast blog (including image HTC phone screen).