Home Apps How ESET Discovered Android Adware Affecting Millions, Tracks Down Its Developer

How ESET Discovered Android Adware Affecting Millions, Tracks Down Its Developer

- Advertisement -

We identified 42 apps on Google Play as belonging to this adware campaign, with 21 still available at the time of discovery. The Google security team removed all of them based on our report. However, they are still available in third-party app stores,” says ESET Malware Researcher, Lukáš Štefanko.

The apps provide the functionality they promise – including video downloading, simple gaming and radio play – besides working as adware. “The adware functionality is the same in all the apps we analyzed,” says Štefanko.

- Advertisement -

The apps use several tricks to reach users’ devices and remain undetected: checking for Google Play’s security testing mechanism; delaying the display of ads until well after the device is unlocked; hiding their icons and creating shortcuts instead.

The ads delivered by the adware are displayed as a full-screen activity. If the user wants to check which app is responsible for the ad being displayed, the app impersonates Facebook or Google. “The adware mimics these two apps to look legitimate and avoid suspicion – and thus stay on the affected device for as long as possible,” explains Štefanko.

Another point of interest is that the Ashas adware family has hidden its code under the com.google.xxx package name. “Posing as part of a legitimate Google service may help avoid scrutiny. Some detection mechanisms and sandboxes may whitelist such package names in an effort to prevent wasting resources,” elaborates Štefanko.

While analyzing the apps, ESET researchers noticed that the malicious developer left many traces behind. Using open-source information, they tracked down the developer of the adware, whom they also identified as the campaign’s operator and owner of the C&C server. Štefanko notes that “establishing the developer’s identity was a side effect of our hunt for further malware and campaigns.”

While adware might not be as damaging as some other forms of malware, the fact that it can sneak into the official Android app store so easily is disturbing. “Users should protect their devices by sticking with basic cybersecurity principles and using a quality security solution,” recommends ESET’s Štefanko.

adware might not be as damaging as some other forms of malware, the fact that it can sneak into the official Android app store so easily is disturbing.
Source: ESET

SOURCE: For more details, read at WeLiveSecurity

alltechng
Technology is making life more meaningful, improves productivity... We are tech lovers...

LEAVE A REPLY

Please enter your comment!
Please enter your name here

Must Read

Motorola Razr Price – specifications

The Motorola Razr comes with two screens. One in the inside, one on the outside. The main screen of the Motorola Razr measures 6.2-inches...

New Phone – Motorola Razr coming soon – Here is the Specification

Motorola Razr was launched in the US on November 14. Soon after the smartphone was announced, Motorola India teased that the Razr will head to...

New Phone – vivo X30 Pro sample photos

Vivo's product manager in China released a set of photos teasing the camera capabilities of the upcoming X30 Pro smartphone, which is said to feature a...

OnePlus 7T gets OxygenOS 10.0.7 with November security patch

OnePlus has released OxygenOS 10.0.7 update for the OnePlus 7T which brings in November 2019 Android security patch to the Snapdragon 855 Plus-powered flagship. The update also...

Realme Wireless Buds Air price – Selling Date Revealed

Realme will launch its first truly wireless earphones - Buds Air - on December 17 at an event in New Delhi, India. And the company has...