Categories: NewsTech Updates

8 million Android devices are affected by 42 malicious apps

Advertisement

Security researchers from London found that malicious apps have been installed in 8 million Android devices from Google play store itself through
massive year-long adware campaign.

Slovak internet security company ESET found 42 apps on Google play are belonging to this campaign which is running from July 2018. Out of these apps 21 apps are still available from the time of discovery.

Researchers stated on Thursday that “We reported the apps to the Google security team and they were swiftly removed. However, the apps are still available in third-party app stores”.

How this adware works?

"Major functionality of this adware is to show ads on the user devices once installed at regular intervals" said Reuters.

Once landed, “Ashas” adware app send the configuration details like Device type, language, battery status, apps installed, available memory, root status, FB installation status and much more of the affected device. With these details ads will start showing up at regular intervals.

“The app receives configuration data from the command and control server (C&C) server, needed for displaying ads, and for stealth and resilience,” said security researcher Lukas Stefanko.

These adware app, first check whether it has been tested by play services. Then after, hijacking the Google servers it start showing ads at intermittent intervals based on server response time.

This adwares are smart enough to hide themselves from installed apps instead it creates only shortcuts. Even when the user deletes it will be only the shortcut not the app itself.

Suspect behind the scene:

As researchers suspected, app developer would have been from Vietnamese University.

Researchers stated that “Due to poor privacy practices on the part of our culprit’s university, we now know his date of birth, we know that he was a student and what university he attended. We retrieved his University ID; a quick googling showed some of his exam grades”.

The malicious developer also has apps in Apple’s App Store. Some of them are iOS versions of the ones removed from Google Play, but none contain adware functionality,” said Stefanko.

Thanks for reading! It’s time to click on share button now.

Tags: Android apps
Gokul Kumar

Hey there!!! Am Gokul founder of softwarebottle. Software developer by profession tech writer by passion. Here I write reviews about various software and Android apps. I am crazy about mobiles and Technology and so started writing about tech updates. Apart from this, I'd like to play cricket and being lazy all over the day.

View Comments