There are millions of apps to choose from in the Google Play Store and App Store, and sometimes nefarious developers can get their malicious application published. A situation has just happened where Google has removed 22 apps from the Google Play Store that were found to contain automated click-fraud scripts. We’ll take a short look at what these developers were up to and how the fraudster would affect you if you were one of the two million users that happened to download these apps.
What Apps?
First, we’ll start with a complete list of the apps that had been infested with this nefarious code:
- Sparkle FlashLight
- Snake Attack
- Math Solver
- ShapeSorter
- Tak A Trip
- Magnifeye
- Join Up
- Zombie Killer
- Space Rocket
- Neon Pong
- Just Flashlight
- Table Soccer
- Cliff Diver
- Box Stack
- Jelly Slice
- AK Blackjack
- Color Tiles
- Animal Match
- Roulette Mania
- HexaFall
- HexaBlocks
- PairZap
What Did These Apps Do?
SophosLabs—a mix of automated systems and specialized analysts working around-the-clock to fight internet threats—found a cache of apps that feature what they call “Andr/Clickr-ad” malware. These applications are engineered with maximum flexibility in mind. They could contact a common attacker-controller server to download what is called an ad-fraud module. It does this every 80 seconds. The malware simply opened a non-visible window and would repeatedly click on ads, making the network look like it was getting more traffic, fraudulently enhancing the developers’ revenue.
No specific ad network was specified by Sophos, but users who had downloaded these applications would see a decrease in the battery life or an increase in the amount of data their device would use. One strange part of this is that some of the ad traffic was able to identify itself as from coming from iPhones, despite this appearing on Android-only apps. They came from “Apple models ranging from iPhone 5 to 8 Plus and from 249 different forged models from 33 distinct brands of Android phones.” This ploy was used as a way to increase revenues further as some advertisers will pay a premium to get their ads onto Apple devices. iOS versions of the apps, largely by the same developers, didn’t have the malicious code integrated.
Download Legit Apps
How can you go about making sure you aren’t part of this problem? Download legitimate applications. Some of the best ways to make sure the apps you’re downloading are legit include:
- Read a lot of reviews: Much of the information you’ll need to see the legitimacy of an application can be found in the review of the app in the store. If you make a point to read eight or more reviews, you will quickly get a good idea about how functional the application is.
- Check app permissions: Applications need permission from a user to use the core functions of the phone. If the application in question tends to need access to functions it shouldn’t, you should be skeptical about the application.
- Check the terms and conditions: Most people don’t go through the terms and conditions of anything, let alone an application for their smartphone. Even if you do make a point to read them, the amount of jargon found in them is overwhelming. The problem for users is that there’s a lot of good information about the applications and specifically how it uses data. If you do set aside some time to read about it, check out some language that is relevant to the way you use the application.
- Research the developer: Nowadays, software development is filled with people that are looking to make a name for themselves. This type of ambition can lead to bad decision making. If you take some time to do some basic research about the developer of an app you have reason to question, you’ll likely find the truth of whether they can be trusted or not. If they want to be known, they likely promote their work via social media, so start there.
Android has millions of legitimate applications on the Google Play Store, so whether or not you’ve downloaded one that will put your data at risk shouldn’t be too worrisome, as long as you stick to our best practices. To learn more about technology, security and mobile strategies, call Advisors Tech today at 844.671.6071.