60,000+ Android Apps Delivered Adware to Users’ Devices
As highlighted by Bleeping Computer, security researchers discovered over 60,000 Android apps purporting to be legitimate programs have been secretly installing adware on users’ devices for the past six months. The Romanian cybsecurity firm Bitdefender warned, “To date, Bitdefender has discovered 60,000 completely different samples (unique apps) carrying the adware and we suspect there is much more in the wild.”
As highlighted by Bleeping Computer, security researchers discovered over 60,000 Android apps purporting to be legitimate programs have been secretly installing adware on users’ devices for the past six months. The Romanian cybsecurity firm Bitdefender warned, “To date, Bitdefender has discovered 60,000 completely different samples (unique apps) carrying the adware and we suspect there is much more in the wild.”
Researchers believe this adware campaign started in October of last year, and that bad actors advertised these apps falsely as security software, game hacks, cheats, VPN apps, even Netflix clients, targeting users in the following fives countries: The United States, South Korea, Brazil, Germany, the United Kingdom, and France.
One tricky element to this story is these apps were not downloaded on the Google Play Store, Android’s main app store. Rather, these apps were installed from URLs in Google Search from sites that allow you to download files outside official app marketplaces. When you install one of these apps, it hides itself on your phone, because it isn’t meant to be opened: It lies dormant for two hours, before registering two “intents” that instruct the app to open whenever you turn on or unlock your phone.
It then springs into action, pinging its host server to deliver you malicious ads. These ads make the ad developers money, at your detriment. Luckily, that appears to be the extent of the crime as of now, but security researchers stress it’s a slippery slope, as the system that allows these bad actors to deliver you ads could also deliver you malicious websites.
It’s another example of how we all need to be careful when downloading apps online, as they can affect your own data as well as the data of your business. If you have an Android device, try to download all apps from the official app store (iPhones can’t download apps outside the App Store in the first place). If you must download an app from a third-party site, make sure it’s reputable, such as from APK Mirror.
No matter where you download your apps from, make sure to thoroughly vet the description, images, and reviews before downloading.
Photo by Denny Müller on Unsplash
Share This