[ad_1]
The researchers found that two apps in the Google Play store with 1.5 million downloads in 12 months used a new form of hidden ad-click fraud that would slow phones, increase overall data usage, and offload the battery.
"Idea: OCR Text Scanner, GTD, Color Notes" and "Beauty Fitness: Daily Workout, Best HIIT Coach" from developer Idea Master has managed the impressive number of downloads over the course of a year completely no detected. It's only because of digging Symantec that harmful click fraud and device infections have been found (via ArsTechnica).
Both apps actually used legitimate packagers, which protect the intellectual property of Android apps. In the instance of these compression programs, they can change the entire structure flow of an .apk file. This made it difficult to detect the actual behavior of the application. This also explains why the applications managed to go unnoticed for a year without being detected.
When installed on a device, the application sends a notification using the phone's notification drawer. Once clicked, Toast is used to display a hidden view containing ads. Toast messages are used to display non-intrusive notifications, such as when you adjust the volume.
Ads would "show" outside your screen view, essentially hidden in the background without your knowledge. The developers then defined an automated click process on the ads to generate advertising revenue without the user even being aware of it. After discovering these practices, Symantec warned Google, which then removed the offending offensive adware applications from the Play Store.
This method is quite different from the recent report that revealed that 85 apps on the Play Store were forcing full-screen ads on phones. This insidious method seems much worse in comparison. It's worth being vigilant even when installing applications from legitimate sources.
The security of Play Store has not been excellent this week because earlier this week Kaspersky The hugely popular CamScanner app has been removed for allegedly spreading malware (via Android font). It was restored after the devs removed the AdHub module who turned out to be the culprit. To Google's credit, they quickly removed the application after the reports were released.
More on the Google Play Store:
Buy 9to5Google on YouTube for more news:
[ad_2]
Source link