Video | Agriculture | Confidence | Economy | Energy | Employment | Finance | Media | Property | RBNZ | Science | SOEs | Tax | Technology | Telecoms | Tourism | Transport | Search

 

New Stealthy Ad Clicking Tactics Found in Popular Apps

New Stealthy Ad Clicking Tactics Found in Popular Apps on Google Play

Symantec Threat Intelligence: New Stealthy Ad Clicking Tactics Found in Popular Apps on Google Play

• Two apps with over 1.5 million downloads use new method to stealthily click ads on users’ devices.
• Apps present on Play Store for almost a year before being discovered.

Symantec recently spotted a new tactic being used by apps on the Google Play Store to stealthily perform ad-clicking on users’ devices. A developer known as Idea Master has published two popular apps on the Play Store in the past year, with a collective download count of approximately 1.5 million. Symantec has informed Google of the observed behaviour and the apps have now been removed from the Play Store.

The two apps, a notepad app (Idea Note: OCR Text Scanner, GTD, Color Notes) and a fitness app (Beauty Fitness: daily workout, best HIIT coach), are packed using legitimate packers originally developed to protect the intellectual property of Android applications. Android packers can change the entire structure and flow of an Android Package Kit (APK) file, which complicates things for security researchers who want to decipher the APK’s behavior. This also explains the developer’s ability to remain on the Play Store performing malicious acts under the radar for nearly a year before being detected.


Idea Master's apps display semi-automated ad-clicking behaviour
Unlike hidden views where the view is set to transparent in order to hide content from the user, this threat actor deploys a much more cunning way of running the advertisements while keeping them hidden from the user. The app can then initiate an automated ad-clicking process that produces ad revenue.
As threat actors generate ghost clicks and ad revenue, impacted devices will suffer from drained batteries, slowed performance, and a potential increase in mobile data usage due to frequent visits to advertisement websites.
These apps went unnoticed on the Google Play Store for nearly a year, affecting roughly 1.5 million users before we uncovered their sneaky behaviour. The apps’ use of Android packers and the unusual method of hiding advertisements adds a level of complexity for security researchers.

Protection
Symantec and Norton products detect these apps as the following:
Android.MalApp
Mitigation
Since the applications are still available on Google Play, we strongly encourage users to manually uninstall them from their devices. Additionally, we advise users to take the following precautions:
• Keep your software up to date.
• Do not download apps from unfamiliar sites.
• Only install apps from trusted sources.
• Pay close attention to the permissions requested by apps.
• Install a suitable mobile security app, such as Norton or Symantec Endpoint Protection Mobile, to protect your device and data.

• Make frequent backups of important data.

You can read the full blog here. For more information or to speak to a Symantec expert, contact Fred Russo on 021 403 509 or fredr@botica.co.nz.

ends

© Scoop Media

 
 
 
Business Headlines | Sci-Tech Headlines

 

Up 0.5% In June Quarter: Services Lead GDP Growth

“Service industries, which represent about two-thirds of the economy, were the main contributor to GDP growth in the quarter, rising 0.7 percent off the back of a subdued result in the March 2019 quarter.” More>>

ALSO:

Pickers: Letter To Immigration Minister From Early Harvesting Growers

A group of horticultural growers are frustrated by many months of inaction by the Minister who has failed to announce additional immigrant workers from overseas will be allowed into New Zealand to assist with harvesting early stage crops such as asparagus and strawberries. More>>

ALSO:

Non-Giant Fossil Disoveries: Scientists Discover One Of World’s Oldest Bird Species

At 62 million-years-old, the newly-discovered Protodontopteryx ruthae, is one of the oldest named bird species in the world. It lived in New Zealand soon after the dinosaurs died out. More>>

Rural Employers Keen, Migrants Iffy: Employment Visa Changes Announced

“We are committed to ensuring that businesses are able to get the workers they need to fill critical skills shortages, while encouraging employers and regions to work together on long term workforce planning including supporting New Zealanders with the training they need to fill the gaps,” says Iain Lees-Galloway. More>>

ALSO:

Marsden Pipeline Rupture: Report Calls For Supply Improvements, Backs Digger Blame

The report makes several recommendations on how the sector can better prevent, prepare for, respond to, and recover from an incident. In particular, we consider it essential that government and industry work together to put in place and regularly practise sector-wide response plans, to improve the response to any future incident… More>>

ALSO: