Google has removed over 60 games from the Play Store after security firm Check Point announced that the apps were ridden with malware, and also serving p0rn ads.
The AdultSwine malware was found to be in a number of games, most of which had been download millions of times. Apart from displaying p0rn ads to those who download it, the malware also used trickish means to make users into installing fake security tools, and also encouraged them to register for expensive premium services. Check Point claimed that the games were targeted towards children but Google disagreed the claim.
According to Check Point security, the mode of operation of the AdultSwine is similar to other Android malware. Once the user installs an infected app, the malicious code phones home to a command and control server for further instructions.
In other to avoid suspicion, the instructions decides the type of ads to show, and on which apps and then makes it difficult for the user to uninstall the app by hiding the icon.
"It is interesting to note that the server however forbids ads to be displayed over certain apps such as browsers and social networks, in order to avoid suspicion," Check Point said.
"The malicious code then verifies certain conditions regarding the device's status and checks which app is currently running on screen. Once all its terms are met, it begins to display the illegitimate ads outside of the app's context. if it embedded inside a web browser app the ads will be displayed inside that browser, if only they will be displayed inside a designated web view.
"As for the ads being, they come from two main sources; the first is that of the main ad providers, which forbid such illegitimate display of their ads. The second is the malicious code's own ad library, which contains ads of an offensive nature, including p0rnographic ads. All these are displayed to children while playing the game that the app is masquerading as."
The full list of infected apps can be found on Check Point website
0 comments:
Post a Comment