What’s a smartphone without some apps to download to it? With millions of apps to choose from, developers might often have less-than-virtuous motives that put their users at risk for their own benefit. Recently, Google has removed 22 apps from the Google Play Store that were found to contain automated click-fraud scripts. We’ll delve into what these developers were up to with these fraudulent applications, as well as how they would affect the two-million users that downloaded them.
What Are the Apps?
Below you’ll find a list of what the affected apps are:
What Was Wrong with Them?
SophosLabs detected a cache of apps that are outfitted with a feature they call “Andr/Clickr-ad” malware. These applications are designed to be as flexible as possible with the intention of contacting a common attacker-controller server to download an ad-fraud module. This happens every 80 seconds. The malware opens up a non-visible window that repeatedly clicks on ads. This makes the network look like it’s getting more traffic and generates fraudulent revenue for the developer.
Sophos didn’t identify a specific ad network, but the users who had downloaded these apps experienced a considerable amount of battery drain and an increase in data usage. One interesting note is that some of the ad traffic was identified as coming from iPhones, even though these apps generally only appear on Android devices. The traffic came from “Apple models ranging from iPhone 5 to 8 Plus and from 249 different forged models from 33 distinct brands of Android phones.” This kind of strategy was used to increase profits for advertisers who had to pay a premium for their ads to run on Apple devices. iOS versions of the apps, even those by the same developers, didn’t have malicious code integrated.
Only Download Legitimate Applications
One way to make sure you don’t have troubles with your downloaded apps is to make sure you only download legitimate applications. Here are some ways to determine if the app you want is legitimate:
The Google Play Store holds countless applications, so be on the lookout for any apps that threaten your device’s integrity. Just stick to your best practices and it’s unlikely that you’ll encounter and download something dangerous. To learn more about this kind of mobile device security, reach out to Fuse Networks at 855-GET-FUSE (438-3873).