Google Play Apps With Over 4.3 Million Downloads Stole Pics, Pushed Porn Ads
Saturday February 2, 2019, 02:30 AM, from Slashdot
Google has banned dozens of Android apps downloaded millions of times from the official Play Store after researchers discovered they were being used to display phishing and scam ads or perform other malicious acts. Ars Technica reports: A blog post published by security firm Trend Micro listed 29 camera- or photo-related apps, with the top 11 of them fetching 100,000 to 1 million downloads each. One crop of apps caused browsers to display full-screen ads when users unlocked their devices. Clicking the pop-up ads in some cases caused a paid online pornography player to be downloaded, although it was incapable of playing content. The apps were carefully designed to conceal their malicious capabilities. The apps also hid their icons from the Android app list. That made it hard for users to uninstall the apps, since there was no icon to drag and delete. The apps also used compression archives known as packers to make it harder for researchers -- or presumably, tools Google might use to weed out malicious apps -- to analyze the wares.
Trend Micro researchers discovered another batch of apps that falsely promised to allow users to 'beautify' their pictures by uploading them to a designated server. Instead of delivering an edited photo, however, the server provided a picture with a fake update prompt in nine different languages. The apps made it possible for the developers to collect the uploaded photos, possibly for use in fake profile pics or for other malicious purposes. The developers took pains to prevent users from detecting what was happening. 'The remote server used by these apps is encoded with BASE64 twice in the code,' Wu wrote. 'In addition, several of these apps can also hide themselves via the same hidden technique mentioned above.'
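For analysts triaging a suspect app, the double Base64 encoding mentioned above can be undone mechanically. The following Python sketch is an added example, not code from Trend Micro or from the apps: it peels nested Base64 layers off string constants until a URL appears, and generalizes from two layers to any small number. The sample strings, the placeholder host `upload.example.invalid` and all function names are constructed for illustration.

```python
import base64
import binascii
import re

# Runs of Base64 alphabet long enough to hold an encoded URL.
B64_RUN = re.compile(r"[A-Za-z0-9+/]{16,}={0,2}")
URL = re.compile(r"^https?://[^\s\"'<>]+$")


def peel(token, max_layers=4):
    """Base64-decode token repeatedly; return (layers, url) or None."""
    data = token
    for layer in range(1, max_layers + 1):
        try:
            text = base64.b64decode(data, validate=True).decode("ascii")
        except (binascii.Error, UnicodeDecodeError):
            return None  # not Base64, or decoded to binary: stop peeling
        if URL.match(text):
            return layer, text
        data = text  # still opaque text: try one more layer
    return None


def find_hidden_urls(strings, max_layers=4):
    """Return (token, layers, url) for each string hiding a URL."""
    hits = []
    for s in strings:
        for m in B64_RUN.finditer(s):
            result = peel(m.group(0), max_layers)
            if result:
                hits.append((m.group(0), *result))
    return hits


def constructed_sample():
    """Constructed strings standing in for constants pulled from an app."""
    url = b"http://upload.example.invalid/api/photo"  # placeholder host
    twice = base64.b64encode(base64.b64encode(url)).decode()
    return ["Lcom/example/beauty/MainActivity;", "filter_name",
            "QUJDREVGR0hJSktMTU5PUA==", twice]


if __name__ == "__main__":
    for token, layers, url in find_hidden_urls(constructed_sample()):
        print(f"{layers} layer(s): {token[:24]}... -> {url}")
```

A layer count above one is itself a useful triage signal, since a single Base64 pass is common for benign data while stacked passes around a URL suggest deliberate concealment.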