Contact us today!
866-348-2602

Total Tech Care Blog

Total Tech Care has been serving Florida since 2001, providing IT Support such as technical helpdesk support, computer support, and consulting to small and medium-sized businesses.

Infected Applications Removed from Google Play Store

Infected Applications Removed from Google Play Store

We all download apps. There are literally millions of apps to choose from and sometimes nefarious developers can get their application published with ulterior motives. A situation has just happened as Google has removed twenty-two apps that were found to contain automated click-fraud scripts from the Google Play Store. We’ll take a short look at what these developers were up to, and how the fraudster would affect you if you were one of the two million users that happened to download these apps.

What Apps?
First, we’ll start with a complete list of the apps that had been infested with this nefarious code:

  • Sparkle FlashLight
  • Snake Attack
  • Math Solver
  • ShapeSorter
  • Tak A Trip
  • Magnifeye
  • Join Up
  • Zombie Killer
  • Space Rocket
  • Neon Pong
  • Just Flashlight
  • Table Soccer
  • Cliff Diver
  • Box Stack
  • Jelly Slice
  • AK Blackjack
  • Color Tiles
  • Animal Match
  • Roulette Mania
  • HexaFall
  • HexaBlocks
  • PairZap

What Did These Apps Do?
SophosLabs found a cache of apps that feature what they call “Andr/Clickr-ad” malware. These applications are engineered with maximum flexibility in mind. They could contact a common attacker-controller server to download what is called an ad-fraud module. It does this every 80 seconds. The malware simply opened a non-visible window and would repeatedly click on ads, making the network look like it was getting more traffic, fraudulently enhancing the developers’ revenue.

No specific ad network was specified by Sophos, but users who had downloaded these applications would see a decrease in the battery life and/or an increase in the amount of data their device would use. One strange part of this is that some of the ad traffic was able to identify itself as from coming from iPhones, despite this appearing on Android-only apps. They came from “Apple models ranging from iPhone 5 to 8 Plus and from 249 different forged models from 33 distinct brands of Android phones.” This ploy was used as a way to increase revenues further as some advertisers will pay a premium to get their ads onto Apple devices. iOS versions of the apps, largely by the same developers, didn’t have the malicious code integrated.

Download Legit Apps
How can you go about making sure that you aren’t part of this problem? Download legitimate applications. Some of the best ways to make sure the apps you are downloading are legit, include:

  • Read a lot of reviews - Much of the information you will need to see the legitimacy of an application can be found in the review of the app in the store. If you make a point to read eight or more reviews, you will quickly get a good idea about how functional the application is.
  • Check app permissions - Applications need permission from a user to use the core functions of the phone. If the application in question tends to need access to functions that it shouldn’t, you should be skeptical about the application.
  • Check the terms and conditions - Most people don’t go through the terms and conditions of anything, let alone an application for their smartphone. Even if you do make a point to read them, the amount of legalese found is akin to a lullaby or a warm glass of milk. The problem for users is that there is a lot of good information about the applications, and specifically how it uses data. If you do set aside some time to read about it, check out some language that is relevant to the way you use the application.
  • Research the developer - Nowadays, software development is filled with people that are looking to make a name for themselves. This type of ambition can lead to bad decision making. If you take some time to do some basic research about the developer of an app you have reason to question, you’ll likely find the truth of whether they can be trusted or not. If they want to be known, they likely promote their work via social media, so, start there.

Android has millions of legitimate applications on the Google Play Store, so worrying whether or not you’ve downloaded one that will put your data at risk shouldn’t be too worrisome as long as you stick to our best practices. To learn more about technology, security, and mobile strategies, call Total Tech Care today at 866-348-2602.

 

Comments

No comments made yet. Be the first to submit a comment
Already Registered? Login Here
Guest
Wednesday, 02 April 2025
If you'd like to register, please fill in the username, password and name fields.

Blog Archive

Sign Up for Our Newsletter

  • First Name *
  • Last Name *

      Free Consultation

      Sign up today for a
      FREE Network Consultation

      How secure is your IT infrastructure?
      Let us evaluate it for free!

      Sign up Now!

      Free Consultation
       

      Tag Cloud

      Security Tip of the Week Technology Best Practices Business Computing Cloud Privacy Hackers Productivity Hosted Solutions Efficiency Software Google Business Network Security Microsoft Internet Email Malware Workplace Tips Backup Innovation Data User Tips Computer Mobile Devices IT Services Hardware Disaster Recovery Android VoIP communications IT Support Smartphones Communication Business Continuity Miscellaneous Smartphone Mobile Device Network Browser Small Business Collaboration Productivity Cybersecurity Quick Tips Business Management Users Phishing Upgrade Windows Managed IT Services Outsourced IT Ransomware Data Backup Windows 10 Office Cloud Computing Server Save Money Data Recovery Passwords Windows 10 Saving Money Holiday Chrome Virtualization Tech Term Gadgets Social Media Microsoft Office Managed Service Managed IT Services Automation Artificial Intelligence Cybercrime Operating System Computers Facebook Mobile Device Management Wi-Fi Health Networking IT Support Hacking Internet of Things BYOD Covid-19 Managed Service Provider Spam Information Office 365 Telephone Systems Information Technology Remote Alert Recovery Employer-Employee Relationship Bandwidth Social Engineering Mobility Router BDR Password Human Resources Money Encryption Big Data Remote Monitoring Applications Data Breach App Law Enforcement History Mobile Computing Application Managed IT Apps Remote Computing Data Storage Patch Management Blockchain Mobile Office Paperless Office Government Office Tips Training Private Cloud How To VPN Settings Bring Your Own Device Data Management Work/Life Balance Two-factor Authentication Vulnerability Mouse HaaS Windows 7 Word Google Drive Servers Flexibility Avoiding Downtime Marketing Infrastructure WiFi Voice over Internet Protocol Wireless Data Security IT solutions Entertainment Website Budget Gmail Data Protection Firewall Cleaning Vendor Managed Services Virtual Reality Display Apple Conferencing End of Support Social Scam Education Physical Security Employee/Employer Relationship User Error Safety Software as a Service RMM Telephone System Staff HIPAA Sports Meetings Machine Learning Redundancy Keyboard Connectivity Remote Work Vendor Management Risk Management Hacker The Internet of Things Lithium-ion battery USB Save Time Customer Service Cryptocurrency Data storage Environment IT Consultant Spam Blocking Electronic Medical Records Automobile Managed Services Provider Fax Server Computing Infrastructure Comparison Humor Hiring/Firing Database Going Green SaaS CES Remote Workers Processor Business Technology Battery Content Management Access Control Shadow IT Network Congestion eWaste Legal Business Intelligence Hard Drive Virtual Assistant Authentication Audit Internet Exlporer Worker IT Management Botnet PDF Computing Virus Wearable Technology IT Plan Update Retail Hard Drives Instant Messaging Proactive IT Unified Threat Management Computer Accessories Robot Excel Unsupported Software Google Docs Best Practice Biometrics Identity Theft YouTube Charger Digital Signage Virtual Desktop Black Market Compliance OneNote Computer Care Current Events Printer DDoS Telephony Bluetooth Procurement Augmented Reality Document Management SharePoint Solid State Drive Workplace Strategy Fraud Wireless Technology Samsung Net Neutrality How to Downtime Help Desk Remote Worker Printing Value Leadership ROI Troubleshooting Outlook Recycling Video Conferencing Start Menu Practices Colocation Sales Uninterrupted Power Supply Bitcoin Shortcuts Wiring Antivirus Cache Point of Sale Screen Mirroring Amazon Web Services Personal Loyalty Cryptomining Supply Chain Management Books Safe Mode Windows 8 Frequently Asked Questions Criminal Monitor Mobile Hosted Computing Monitoring Windows 10s Batteries IT service GDPR Wireless Internet Windows 8.1 Cast Online Shopping Digitize webinar Streaming Media Windows Server 2008 R2 Emergency File Sharing Tablet Tip of the week Reputation Professional Services Inventory Customer relationships Public Cloud Specifications Tech Support Employer Employee Relationship Domains Camera Content Manufacturing Wire Techology Email Best Practices Evernote Laptop Consultant IT Assessment Assessment Travel Analytics IaaS Maintenance Windows Server 2008 Customers Bloatware Tools Computer Tips Millennials Managed IT Service Security Cameras Printers Audiobook Biometric Security Smart Office Virtual CIO Wireless Charging Touchpad Best Available OneDrive Television WIndows 7 Peripheral Tablets Entrepreneur Advertising Digital Security Cameras Workforce Using Data Virtual Private Network Politics 5G Cables Copiers Public Computer Quick Tip Notifications Transportation Shortcut Regulations Project Management Cost Management Nanotechnology Ergonomics Computer Fan Telecommuting Rootkit Smartwatch OLED Social Networking Cortana Development Digital Signature Relocation User PCI DSS Workers PowerPoint Virtual Machine Benefits Windows Media Player Warranty 2FA FENG Fiber Optics Employee Cabling Running Cable HVAC Video Games Google Apps Messaging IBM Flash Analysis Managing Stress Policy Hypervisor Smart Technology Worker Commute Memory Administrator Experience Devices Dark mode Trend Micro Supercomputer Cameras Default App Enterprise Content Management Scalability Software Tips SMS Sync Accountants Procedure Emails Saving Time MSP Business Owner Microchip Thought Leadership dark theme Credit Cards NarrowBand Shopping Google Search IT Infrastructure Password Management Search Science Password Manager AI iPhone FinTech Netflix Multi-Factor Security Two Factor Authentication Bing Search Engine Twitter Root Cause Analysis Social Network Knowledge Printer Server Investment Music Distributed Denial of Service Customer Relationship Management NIST HBO Business Mangement Analyitcs Skype Smart Tech Files Employees Trending Employee/Employer Relationships Programming Addiction Windows 365 Data loss Amazon Chromecast ISP

      Top Blog

      The reasoning for this is simple: you want to make sure that operations are proceeding as intended, even if you’re not there. If you completely check out from the workplace every time you leave, you could return from your vacation to a complete and total disaster that may have been prevented with y...
      QR-Code