Contact us today!
866-348-2602

Total Tech Care Blog

Total Tech Care has been serving Florida since 2001, providing IT Support such as technical helpdesk support, computer support, and consulting to small and medium-sized businesses.

Infected Applications Removed from Google Play Store

Infected Applications Removed from Google Play Store

We all download apps. There are literally millions of apps to choose from and sometimes nefarious developers can get their application published with ulterior motives. A situation has just happened as Google has removed twenty-two apps that were found to contain automated click-fraud scripts from the Google Play Store. We’ll take a short look at what these developers were up to, and how the fraudster would affect you if you were one of the two million users that happened to download these apps.

What Apps?
First, we’ll start with a complete list of the apps that had been infested with this nefarious code:

  • Sparkle FlashLight
  • Snake Attack
  • Math Solver
  • ShapeSorter
  • Tak A Trip
  • Magnifeye
  • Join Up
  • Zombie Killer
  • Space Rocket
  • Neon Pong
  • Just Flashlight
  • Table Soccer
  • Cliff Diver
  • Box Stack
  • Jelly Slice
  • AK Blackjack
  • Color Tiles
  • Animal Match
  • Roulette Mania
  • HexaFall
  • HexaBlocks
  • PairZap

What Did These Apps Do?
SophosLabs found a cache of apps that feature what they call “Andr/Clickr-ad” malware. These applications are engineered with maximum flexibility in mind. They could contact a common attacker-controller server to download what is called an ad-fraud module. It does this every 80 seconds. The malware simply opened a non-visible window and would repeatedly click on ads, making the network look like it was getting more traffic, fraudulently enhancing the developers’ revenue.

No specific ad network was specified by Sophos, but users who had downloaded these applications would see a decrease in the battery life and/or an increase in the amount of data their device would use. One strange part of this is that some of the ad traffic was able to identify itself as from coming from iPhones, despite this appearing on Android-only apps. They came from “Apple models ranging from iPhone 5 to 8 Plus and from 249 different forged models from 33 distinct brands of Android phones.” This ploy was used as a way to increase revenues further as some advertisers will pay a premium to get their ads onto Apple devices. iOS versions of the apps, largely by the same developers, didn’t have the malicious code integrated.

Download Legit Apps
How can you go about making sure that you aren’t part of this problem? Download legitimate applications. Some of the best ways to make sure the apps you are downloading are legit, include:

  • Read a lot of reviews - Much of the information you will need to see the legitimacy of an application can be found in the review of the app in the store. If you make a point to read eight or more reviews, you will quickly get a good idea about how functional the application is.
  • Check app permissions - Applications need permission from a user to use the core functions of the phone. If the application in question tends to need access to functions that it shouldn’t, you should be skeptical about the application.
  • Check the terms and conditions - Most people don’t go through the terms and conditions of anything, let alone an application for their smartphone. Even if you do make a point to read them, the amount of legalese found is akin to a lullaby or a warm glass of milk. The problem for users is that there is a lot of good information about the applications, and specifically how it uses data. If you do set aside some time to read about it, check out some language that is relevant to the way you use the application.
  • Research the developer - Nowadays, software development is filled with people that are looking to make a name for themselves. This type of ambition can lead to bad decision making. If you take some time to do some basic research about the developer of an app you have reason to question, you’ll likely find the truth of whether they can be trusted or not. If they want to be known, they likely promote their work via social media, so, start there.

Android has millions of legitimate applications on the Google Play Store, so worrying whether or not you’ve downloaded one that will put your data at risk shouldn’t be too worrisome as long as you stick to our best practices. To learn more about technology, security, and mobile strategies, call Total Tech Care today at 866-348-2602.

 

Comments

No comments made yet. Be the first to submit a comment
Already Registered? Login Here
Guest
Thursday, 24 April 2025
If you'd like to register, please fill in the username, password and name fields.

Blog Archive

Sign Up for Our Newsletter

  • First Name *
  • Last Name *

      Free Consultation

      Sign up today for a
      FREE Network Consultation

      How secure is your IT infrastructure?
      Let us evaluate it for free!

      Sign up Now!

      Free Consultation
       

      Tag Cloud

      Security Tip of the Week Technology Best Practices Business Computing Cloud Privacy Hackers Productivity Hosted Solutions Software Efficiency Network Security Business Google Internet Microsoft Email Malware Backup Workplace Tips Innovation User Tips Data Computer Mobile Devices IT Services Hardware Disaster Recovery Android VoIP communications Business Continuity Smartphones IT Support Communication Miscellaneous Smartphone Mobile Device Browser Small Business Network Collaboration Productivity Quick Tips Cybersecurity Users Business Management Windows Phishing Upgrade Managed IT Services Data Backup Outsourced IT Ransomware Windows 10 Cloud Computing Office Data Recovery Server Save Money Windows 10 Passwords Social Media Chrome Virtualization Tech Term Saving Money Holiday Gadgets Microsoft Office Managed Service Managed IT Services Automation Operating System Cybercrime Computers Artificial Intelligence Facebook Hacking Health BYOD Internet of Things Mobile Device Management Networking IT Support Wi-Fi Information Remote Spam Covid-19 Office 365 Alert Telephone Systems Managed Service Provider Information Technology Social Engineering Mobility Recovery Employer-Employee Relationship Router BDR Bandwidth Big Data Money Encryption Human Resources Applications Mobile Computing Remote Monitoring Law Enforcement Application App History Data Breach Password Apps VPN How To Remote Computing Government Mobile Office Data Storage Private Cloud Patch Management Managed IT Office Tips Blockchain Training Paperless Office Gmail Settings Data Security Infrastructure Two-factor Authentication Voice over Internet Protocol Flexibility Google Drive Marketing WiFi Mouse HaaS IT solutions Entertainment Avoiding Downtime Website Budget Vulnerability Windows 7 Word Wireless Bring Your Own Device Data Management Work/Life Balance Servers Machine Learning Connectivity Remote Work End of Support Firewall Education Physical Security Safety Virtual Reality Sports HIPAA Apple Redundancy Vendor Social Keyboard Managed Services Display User Error Data Protection USB Meetings Conferencing Employee/Employer Relationship RMM Scam Save Time Risk Management Hacker The Internet of Things Cleaning Lithium-ion battery Staff Software as a Service Vendor Management Telephone System Unsupported Software Customer Service Update Charger Battery Procurement Environment Net Neutrality Shadow IT Compliance Workplace Strategy Virus Legal OneNote Fax Server Google Docs Computer Care Identity Theft Current Events Help Desk Internet Exlporer Telephony Printing Unified Threat Management Computer Accessories SaaS Samsung PDF Augmented Reality Managed Services Provider Value Network Congestion Fraud eWaste Spam Blocking Database Proactive IT Electronic Medical Records Remote Worker Printer Bluetooth Remote Workers Best Practice YouTube Hiring/Firing Cryptocurrency Processor Black Market Wearable Technology Hard Drive Retail Comparison Hard Drives Instant Messaging IT Consultant Document Management Solid State Drive CES Wireless Technology Robot Excel How to Business Intelligence Downtime Biometrics Humor Computing Content Management Audit Virtual Desktop Worker Business Technology Access Control IT Management Data storage Automobile Botnet DDoS Virtual Assistant Authentication IT Plan Digital Signage Computing Infrastructure SharePoint Going Green WIndows 7 Project Management Procedure Nanotechnology Saving Time Reputation Telecommuting IBM Streaming Media Analyitcs Google Search Tech Support Programming Smart Technology dark theme Content Flash Shopping Cortana AI Techology Digital Signature IT Infrastructure Laptop Warranty FinTech Software Tips Customers Supercomputer Bing Emails Audiobook HVAC Sync Social Network Antivirus Google Apps Analysis Investment Touchpad Windows 8 User Administrator Employees PowerPoint Devices Employee/Employer Relationships Windows Media Player IT service Netflix ISP Two Factor Authentication Windows 365 Politics Enterprise Content Management Advertising MSP Video Conferencing Accountants Root Cause Analysis ROI Tablet Music Managing Stress Microchip Sales Thought Leadership HBO Bitcoin Domains Credit Cards Knowledge Shortcuts Notifications Password Manager Cryptomining Point of Sale Password Management Skype Personal Supply Chain Management Cameras IaaS Data loss Maintenance Multi-Factor Security Troubleshooting Search Engine Monitoring Twitter Outlook Batteries Relocation Leadership Bloatware Business Mangement Windows 8.1 NIST Start Menu Digitize Video Games Smart Tech Screen Mirroring Windows Server 2008 R2 Trending Loyalty Tablets Entrepreneur Books Customer relationships Worker Commute Addiction Frequently Asked Questions Amazon Recycling Windows 10s Manufacturing Email Best Practices Experience Mobile IT Assessment Wiring Printer Server Scalability Practices Cast Shortcut Cost Management Emergency Computer Tips Business Owner Cache Tip of the week Managed IT Service Amazon Web Services webinar Security Cameras Criminal Public Cloud Biometric Security NarrowBand Social Networking Employer Employee Relationship Virtual CIO Safe Mode Professional Services OneDrive GDPR Peripheral Search Hosted Computing Assessment Digital Security Cameras Wireless Internet Windows Server 2008 Using Data iPhone Online Shopping Running Cable 5G File Sharing Tools Copiers Camera Quick Tip Inventory Specifications Television Memory Ergonomics Wire Files Evernote Smartwatch OLED Chromecast Travel Development Printers PCI DSS Virtual Machine Millennials Public Computer Uninterrupted Power Supply Transportation 2FA Smart Office Regulations Fiber Optics Colocation Wireless Charging Employee Messaging Computer Fan Cabling Rootkit Science Consultant Virtual Private Network Policy Analytics Hypervisor Monitor Workforce Workers Benefits Dark mode Trend Micro Cables SMS Distributed Denial of Service FENG Default App Customer Relationship Management Best Available

      Top Blog

      The reasoning for this is simple: you want to make sure that operations are proceeding as intended, even if you’re not there. If you completely check out from the workplace every time you leave, you could return from your vacation to a complete and total disaster that may have been prevented with y...
      QR-Code