Contact us today!
866-348-2602

Total Tech Care Blog

Total Tech Care has been serving Florida since 2001, providing IT Support such as technical helpdesk support, computer support, and consulting to small and medium-sized businesses.

Infected Applications Removed from Google Play Store

Infected Applications Removed from Google Play Store

We all download apps. There are literally millions of apps to choose from and sometimes nefarious developers can get their application published with ulterior motives. A situation has just happened as Google has removed twenty-two apps that were found to contain automated click-fraud scripts from the Google Play Store. We’ll take a short look at what these developers were up to, and how the fraudster would affect you if you were one of the two million users that happened to download these apps.

What Apps?
First, we’ll start with a complete list of the apps that had been infested with this nefarious code:

  • Sparkle FlashLight
  • Snake Attack
  • Math Solver
  • ShapeSorter
  • Tak A Trip
  • Magnifeye
  • Join Up
  • Zombie Killer
  • Space Rocket
  • Neon Pong
  • Just Flashlight
  • Table Soccer
  • Cliff Diver
  • Box Stack
  • Jelly Slice
  • AK Blackjack
  • Color Tiles
  • Animal Match
  • Roulette Mania
  • HexaFall
  • HexaBlocks
  • PairZap

What Did These Apps Do?
SophosLabs found a cache of apps that feature what they call “Andr/Clickr-ad” malware. These applications are engineered with maximum flexibility in mind. They could contact a common attacker-controller server to download what is called an ad-fraud module. It does this every 80 seconds. The malware simply opened a non-visible window and would repeatedly click on ads, making the network look like it was getting more traffic, fraudulently enhancing the developers’ revenue.

No specific ad network was specified by Sophos, but users who had downloaded these applications would see a decrease in the battery life and/or an increase in the amount of data their device would use. One strange part of this is that some of the ad traffic was able to identify itself as from coming from iPhones, despite this appearing on Android-only apps. They came from “Apple models ranging from iPhone 5 to 8 Plus and from 249 different forged models from 33 distinct brands of Android phones.” This ploy was used as a way to increase revenues further as some advertisers will pay a premium to get their ads onto Apple devices. iOS versions of the apps, largely by the same developers, didn’t have the malicious code integrated.

Download Legit Apps
How can you go about making sure that you aren’t part of this problem? Download legitimate applications. Some of the best ways to make sure the apps you are downloading are legit, include:

  • Read a lot of reviews - Much of the information you will need to see the legitimacy of an application can be found in the review of the app in the store. If you make a point to read eight or more reviews, you will quickly get a good idea about how functional the application is.
  • Check app permissions - Applications need permission from a user to use the core functions of the phone. If the application in question tends to need access to functions that it shouldn’t, you should be skeptical about the application.
  • Check the terms and conditions - Most people don’t go through the terms and conditions of anything, let alone an application for their smartphone. Even if you do make a point to read them, the amount of legalese found is akin to a lullaby or a warm glass of milk. The problem for users is that there is a lot of good information about the applications, and specifically how it uses data. If you do set aside some time to read about it, check out some language that is relevant to the way you use the application.
  • Research the developer - Nowadays, software development is filled with people that are looking to make a name for themselves. This type of ambition can lead to bad decision making. If you take some time to do some basic research about the developer of an app you have reason to question, you’ll likely find the truth of whether they can be trusted or not. If they want to be known, they likely promote their work via social media, so, start there.

Android has millions of legitimate applications on the Google Play Store, so worrying whether or not you’ve downloaded one that will put your data at risk shouldn’t be too worrisome as long as you stick to our best practices. To learn more about technology, security, and mobile strategies, call Total Tech Care today at 866-348-2602.

 

Comments

No comments made yet. Be the first to submit a comment
Already Registered? Login Here
Guest
Wednesday, 25 December 2024
If you'd like to register, please fill in the username, password and name fields.

Blog Archive

Sign Up for Our Newsletter

  • First Name *
  • Last Name *

      Free Consultation

      Sign up today for a
      FREE Network Consultation

      How secure is your IT infrastructure?
      Let us evaluate it for free!

      Sign up Now!

      Free Consultation
       

      Tag Cloud

      Security Tip of the Week Technology Best Practices Business Computing Cloud Privacy Hackers Productivity Hosted Solutions Software Efficiency Network Security Business Google Microsoft Internet Email Malware Backup Workplace Tips Innovation User Tips Data Computer Mobile Devices Hardware IT Services Disaster Recovery Android VoIP communications Communication Business Continuity IT Support Smartphones Miscellaneous Smartphone Mobile Device Small Business Network Browser Collaboration Productivity Quick Tips Cybersecurity Users Business Management Windows Upgrade Phishing Managed IT Services Ransomware Data Backup Outsourced IT Windows 10 Data Recovery Office Cloud Computing Server Save Money Windows 10 Passwords Virtualization Social Media Saving Money Gadgets Holiday Tech Term Chrome Automation Managed IT Services Managed Service Microsoft Office Facebook Computers Cybercrime Artificial Intelligence Operating System Internet of Things BYOD Mobile Device Management Health Wi-Fi Networking IT Support Hacking Information Technology Alert Information Remote Managed Service Provider Spam Office 365 Telephone Systems Covid-19 Router BDR Recovery Employer-Employee Relationship Bandwidth Social Engineering Mobility App Data Breach History Mobile Computing Law Enforcement Application Human Resources Password Money Remote Monitoring Big Data Encryption Applications Office Tips Training Government VPN Private Cloud Blockchain Paperless Office Managed IT How To Remote Computing Apps Mobile Office Data Storage Patch Management Flexibility Wireless Servers Marketing Avoiding Downtime WiFi Gmail IT solutions Entertainment Website Settings Budget Data Security Two-factor Authentication Bring Your Own Device Data Management Work/Life Balance Mouse HaaS Infrastructure Voice over Internet Protocol Vulnerability Windows 7 Google Drive Word Keyboard Vendor Management The Internet of Things Employee/Employer Relationship Lithium-ion battery RMM USB Firewall Save Time Telephone System Staff Software as a Service Virtual Reality Machine Learning Apple Connectivity Remote Work Cleaning Social User Error Meetings End of Support Conferencing Education Vendor Physical Security Safety Managed Services Scam Display Risk Management HIPAA Sports Redundancy Data Protection Hacker Botnet Computer Accessories Proactive IT IT Plan Hard Drive DDoS Comparison Best Practice YouTube Unsupported Software CES SharePoint Black Market Charger Computing Printer Business Technology Content Management Bluetooth Access Control Customer Service Compliance Computer Care Environment Document Management OneNote Virtual Assistant Wireless Technology Current Events Solid State Drive How to Downtime Telephony Authentication Fax Server Samsung Digital Signage IT Consultant Data storage SaaS Value Automobile Humor Update Procurement Spam Blocking Electronic Medical Records Network Congestion Workplace Strategy Net Neutrality Computing Infrastructure Going Green eWaste Google Docs Help Desk Identity Theft Hiring/Firing Printing Battery Shadow IT Augmented Reality Wearable Technology Managed Services Provider Legal Hard Drives Fraud Retail Instant Messaging Database Internet Exlporer Business Intelligence Remote Worker Robot Excel Remote Workers Audit Virus Worker IT Management Biometrics PDF Cryptocurrency Unified Threat Management Virtual Desktop Processor Computer Tips Rootkit Managed IT Service Security Cameras Relocation Cache Computer Fan Amazon Web Services Criminal Virtual CIO OneDrive Biometric Security Managing Stress Safe Mode Video Games GDPR Hosted Computing Workers Peripheral Benefits Science Digital Security Cameras Using Data Worker Commute Wireless Internet FENG Cameras Online Shopping File Sharing IBM Copiers Experience 5G Scalability Camera Flash Inventory Distributed Denial of Service Specifications Customer Relationship Management Quick Tip Smart Technology Evernote Ergonomics Analyitcs Business Owner Smartwatch Wire NarrowBand Software Tips Supercomputer Travel Programming Development OLED Virtual Machine Search Printers Sync Emails Millennials PCI DSS Wireless Charging 2FA Fiber Optics Employee iPhone Smart Office Printer Server Antivirus Messaging Cabling Windows 8 Hypervisor Virtual Private Network Netflix Workforce Policy Two Factor Authentication Cables IT service Dark mode Trend Micro Files Root Cause Analysis Chromecast HBO Knowledge SMS Music Default App Tablet Saving Time Project Management Skype Nanotechnology Telecommuting Procedure Cortana Domains dark theme Shopping Google Search Colocation Uninterrupted Power Supply Data loss Outlook Digital Signature Leadership AI Troubleshooting IT Infrastructure Bing Warranty Monitor Start Menu IaaS Maintenance FinTech Google Apps Loyalty Bloatware Social Network HVAC Screen Mirroring Frequently Asked Questions Analysis Books Investment Tablets Employee/Employer Relationships Administrator Reputation Mobile Consultant Devices Streaming Media Windows 10s Employees Windows 365 Entrepreneur Content ISP Enterprise Content Management Tech Support Cast Analytics MSP Laptop Tip of the week Accountants webinar Video Conferencing Emergency ROI Techology Bitcoin Shortcuts Microchip Customers Professional Services Best Available Thought Leadership Public Cloud Credit Cards Shortcut Sales Employer Employee Relationship Password Manager Point of Sale Assessment Cost Management Personal Audiobook Cryptomining WIndows 7 Password Management Touchpad Windows Server 2008 Multi-Factor Security Social Networking Supply Chain Management Batteries Search Engine Tools Twitter Monitoring Business Mangement Windows 8.1 Television Digitize Politics Advertising NIST Smart Tech Running Cable Trending Windows Server 2008 R2 Memory Addiction Notifications Amazon Customer relationships PowerPoint Recycling Email Best Practices Public Computer Windows Media Player IT Assessment Manufacturing User Wiring Regulations Practices Transportation

      Top Blog

      The reasoning for this is simple: you want to make sure that operations are proceeding as intended, even if you’re not there. If you completely check out from the workplace every time you leave, you could return from your vacation to a complete and total disaster that may have been prevented with y...
      QR-Code