Security researchers are informing users about virtually two dozen Android apps found to contain “sophisticated” malware.
The apps, who the hell is disguised as everything from flashlight tools to mobile games, employment by forcing an individual’s telephone to unknowingly click on ads, thus collecting revenue for the app developers.
Although Google removed the offending apps from its store at the end of November, the click-fraud operations continue as the code remains active on innumerable phones.
” Instructions sent by the command-and-control server send the malware to send ad requests pretending to has been derived from a variety of apps( that are otherwise unrelated to these apps) running on a wide range of mobile phone models ,” Sophos notes.
The malware is designed to click on ads in a veiled window, constructing it nearly impossible for the average consumer to see its presence.
” The ad calls do not result in the expected, disruptive, full-screen ads that would otherwise annoy the user of the machine and draw attention to the app ,” Sophos reports.” Instead, malicious ad calls are made in a obscured browser window, inside of which the app simulates a consumer interaction with the advertising .”
Sophos also found that the malware was able to spoof telephone modelings in order to delude ad systems. Ads clicked on by iPhones, for example, can produce more revenue than their Android counterparts.
” Advertisers will pay a premium to reach the supposedly deep-pocket proprietors of Apple telephones and tablets ,” Sophos writes.” As click-fraud grows as a revenue stream for unscrupulous mobile app developers, it turns out that it salaries well to lie about what kind of mobile machine is fraudulently clicking those ads .”
Among the malicious apps, one known as Sparkle Flashlight was downloaded over 1 million times. The apps received high-pitched ratings on the Google Play store as users were unaware of their nefarious nature.
Although the apps were known to heavily drain both one’s data and battery, customers would almost certainly be unable to situate the resources of the issue due to the malware’s design.
” The only impressions a user might notice is that the apps would use a significantly greater amount of data, at all periods, and expend the phone’s battery power at a more rapid rate that the phone would otherwise expect ,” Sophos adds.” Because customers would not be able to correlate these effects to the apps themselves, their Play Market reviews for these apps depicted few negative notes .”
And while the developers were found to have active apps available for iPhone , none were found to contain the malicious click-fraud code.
Sophos has published a full listing of the fraudulent apps on its website, offering users a chance to pinpoint and remove them if necessary.
READ MORE 😛 TAGEND
The post Look out for these 22 Android apps that contain’ sophisticated’ malware seemed firstly on The Daily Dot.
Read more: dailydot.com