As reported by CheckPoint, researchers have discovered a new and nasty malicious code on Google Play Store that hides within over 60 games and apps. What’s most alarming is that the target audience for these apps is mostly children between the age groups of 5-15. According to Google Play’s data, these apps have been downloaded between 3 to 7 million times. Dubbed “AdultSwine”, the malicious apps having this code works in three different ways:
For the ads, the malicious code contacts its Command and Control server to report the successful installation, send data about the infected device and then receive the configuration, which determines its course of operation. The code then goes on to verify certain conditions regarding the device’s status and checks which app is currently running on the screen. Once all its terms are met, it begins to display the offending ads outside of the app’s context.
Apart from displaying pornographic ads, AdultSwine is also responsible for installing unnecessary and even harmful “security” apps. First, the code displays an ad that claims the user’s device is infected by a virus. This is shown alongside a prompt for “Clean/Remove Virus Now”. Should the user tap on that, they’ll be redirected to the Google Play Store, where the user will be presented with a malicious app which disguises itself as a virus removal tool.
Another way that AdultSwine affects your mobile device is by automatically registering the user for premium services. For instance, the code will display an ad that the user is entitled to win an iPhone by simply answering four short questions. Upon answering them, the malicious code informs the user that he has been successful, and asks him to enter his phone number to receive the prize. The code then uses this number to register for premium services. While Google did introduce Play Protect to scan for malicious activities, more often than not, the service hasn’t been able to identify such threats. While we did have reports of the service reporting Mi Video as unsafe, it is a shame that such plots that have been existing for quite a long time now, have still not been resolved by Google. As such, we urge people to use apps with caution, and avoid apps with a questionable rating, or ones that claim to solve all your problems. The reviews are the first indicators of problematic apps. So make sure you check them out thoroughly before downloading apps, even on the Play Store.