Please create an account to participate in the Slashdot moderation system

 



Forgot your password?
typodupeerror
×
Android Google Security Software Technology

Google Play Apps With 150 Million Installs Contain Aggressive Adware (arstechnica.com) 37

Researchers from Checkpoint Software have identified a massive adware campaign that invaded the Google Play Store with more than 200 highly aggressive apps that were collectively downloaded almost 150 million times. "The 210 apps discovered by researchers from security firm Checkpoint Software bombarded users with ads, even when an app wasn't open," reports Ars Technica. "The apps also had the ability to carry out spearphishing attacks by causing a browser to open an attacker-chosen URL and open the apps for Google Play and third-party market 9Apps with a specific keyword search or a specific application's page. The apps reported to a command-and-control server to receive instructions on which commands to carry out." From the report: Once installed, the apps installed code that allowed them to perform actions as soon as the device finished booting or while the user was using the device. The apps also could remove their icon from the device launcher to make it harder for users to uninstall the nuisance apps. The apps all used a software development kit called RXDrioder, which Checkpoint researchers believe concealed its abusive capabilities from app developers. The researchers dubbed the campaign SimBad, because many of the participating apps are simulator games.

"With the capabilities of showing out-of-scope ads, exposing the user to other applications, and opening a URL in a browser, SimBad acts now as an Adware, but already has the infrastructure to evolve into a much larger threat," Checkpoint researchers wrote. The top 14 apps were collectively downloaded a whopping 75 million times, with the No. 1 app receiving 10 million installs and the next 13 getting 5 million downloads each. The next 53 each received 1 million downloads. The remainder received 500,000 or fewer downloads each. Checkpoint has a full list of all the apps here.

This discussion has been archived. No new comments can be posted.

Google Play Apps With 150 Million Installs Contain Aggressive Adware

Comments Filter:
  • It's almost a first for /.

    Does anyone have a good list of IPs to block to make the ads in all the apps unreachable?

    • Install F-Droid [f-droid.org] then install AdAway from it. Or just install AdAway [f-droid.org] from the apk. AdAway requires root because it uses the hosts file to block ads. Works good although it will block almost all ad referral links which can be annoying if you actually want to go to an ad-sponsored link.

      • by rtb61 ( 674572 )

        I have a better solution. Google control that store and clearly they do not give a fuck about the products they sell as long as they get a share of the profits. They only 'care' when they are caught out and forced to do something.

        They control the store, they do so as cheaply as possible and fuck the customers, time to make them pay for that attitude, especially based upon the scale that they do it, literally creating a system on purpose to allow hundreds of millions of people to be ripped off, again and ag

        • by tlhIngan ( 30335 )

          I have a better solution. Google control that store and clearly they do not give a fuck about the products they sell as long as they get a share of the profits. They only 'care' when they are caught out and forced to do something.

          They control the store, they do so as cheaply as possible and fuck the customers, time to make them pay for that attitude, especially based upon the scale that they do it, literally creating a system on purpose to allow hundreds of millions of people to be ripped off, again and aga

        • by Bob_Who ( 926234 )

          Make the fuckers at Alphabet/Google pay and make them really pay, for their cheap arse maximise profits criminal negligence.

          Amen, brother... .. .. ...Well, at least we've got religion, if nothing else.

  • plus one or two photo editing apps. Basically if you don't install dodgy apps it's not a problem. The only odd thing is how many folks don't know any better.
    • plus one or two photo editing apps. Basically if you don't install dodgy apps it's not a problem. The only odd thing is how many folks don't know any better.

      You would be amazed at how many people do exactly that. Trying to get them to stop installing free games and dumb-ass gimmick apps is pretty much hopeless, I know that because I have tried. Also, some of these 'dodgy' apps are not at all obviously dodgy like the games and gimmick apps are. I've seen examples of malicious apps that are both not free, and do quite useful things from the user's point of view. Dodgy apps are not always easy to spot.

      • by sad_ ( 7868 )

        nothing ever changes, people basically do the same thing on windows.
        download and install the most stupid application from any site, no matter how sketchy, just because they think it is funny/handy/...
        we've all seen those pc's, they barely work anymore.

    • by sexconker ( 1179573 ) on Friday March 15, 2019 @06:37PM (#58281408)

      It's not even shovelware. It's farmware.

      Do you really think "Man Casual Shirt Photo Suit" has 500,000 legit downloads? Or that "Christmas letters to santa and three wise man" has 100,000?

      These apps are downloaded almost exclusively by Chinese slaves in click farms in an attempt to get them boosted on the store's charts. It's all about feeding the algorithm in the hopes that some actual people get suckered in and get subjected to the ads.

  • by jeff4747 ( 256583 ) on Friday March 15, 2019 @06:55PM (#58281480)

    I was thinking of leaving Apple's walled garden with my next phone upgrade. I was already kinda hinky about switching due to all phone vendors that stop OS upgrades so quickly, leaving me with only Pixel models to choose from. This pretty much pushes me back inside the fence.

  • will do ads.

The 11 is for people with the pride of a 10 and the pocketbook of an 8. -- R.B. Greenberg [referring to PDPs?]

Working...