Wednesday, February 21, 2024

Malicious Code in Kids Game Apps on Google Play Pushing Porn Ads – More than 60 Game Apps Infected

Cybercriminals started focussing on game apps which are used by children to install fake apps, registering premium services and porn ads.

Security researchers from checkpoint identified the malicious code dubbed “AdultSwine” hides into more than 60 game apps and they are downloaded between 3 million and 7 million times.

How does it Displaying  Porn Ads

The malicious apps targetting victims by displaying inappropriate pornographic ads, tricking to install fake security apps and premium subscriptions.

Once the malicious app is installed on the device, it waits for a boot to occur or for a user to unlock his screen, upon which it initiates its malicious activity, researchers said.

Also Read: A Man Used Fruitfly macOS Malware over 13 Years For Spying Thousand of Computers

Functions of Malicious Code

Displaying pornographic ads

Once the malicious app triggered it contacts the C&C server to report installation and provides the device details and it determines which ads to be displayed on which apps.

Then it verifies what are the apps running on the device, once all the conditions satisfied it will start showing inappropriate apps.

Tricking users to install security apps

It uses to scare use by displaying that your device “infected with a virus” and shows notification “Remove Virus Now” posing a fake virus remover app from the google play store. Even after Google play, crooks find some advanced sophisticated methods to add malicious apps to play store.

Forcing to register For Premium Services

Another technique is forcing users to register for fraudulent premium services charging victims credit account, it initially displays a popup add and attempts to convince the user to register for premium service.

It tricks “that user deserving to win an iPhone by answering short questions” and get the number from users and the ad itself register for premium services.

Common Defences and Mitigations

Researchers from Checkpoint notified to google and the affected apps removed now.

  • Give careful consideration to the permission asked for by applications.
  • Download applications from trusted sources.
  • Stay up with the latest version.
  • Encrypt your devices.
  • Make frequent backups of important data.
  • Install anti-malware on their devices.
  • Stay strict with CIA Cycle.
Website

Latest articles

Beware of VietCredCare Malware that Steals businesses’ Facebook Accounts

A new cybersecurity threat targeting Facebook advertisers in Vietnam, known as VietCredCare, has emerged....

Google Chrome 122 Update Addresses Critical Security Vulnerabilities

Google has recently unveiled Chrome 122, a significant milestone for the widely used web...

New Malicious PyPI Packages Use DLL Sideloading In A Supply Chain Attack

Researchers have discovered that threat actors have been using open-source platforms and codes for...

New Mingo Malware Attacking Linux Redis Servers To Mine Cryptocurrency

The malware, termed Migo by the creators, attempts to infiltrate Redis servers to mine cryptocurrency on...

Security Onion 2.4.50 Released for Defenders With New Features

Security Onion Solutions has recently rolled out the latest version of its network security...

VMware Urges to Remove Enhanced EAP Plugin to Stop Auth & Session Hijack Attacks

VMware has issued an urgent advisory to administrators to remove a deprecated authentication plugin...

LockBit Ransomware Members Charged by Authorities, Free Decryptor Released

In a significant blow to one of the most prolific ransomware operations, authorities from...
Guru baran
Guru baranhttps://gbhackers.com
Gurubaran is a co-founder of Cyber Security News and GBHackers On Security. He has 10+ years of experience as a Security Consultant, Editor, and Analyst in cybersecurity, technology, and communications.

Live Account Takeover Attack Simulation

Live Account Take Over Attack

Live Webinar on How do hackers bypass 2FA ,Detecting ATO attacks, A demo of credential stuffing, brute force and session jacking-based ATO attacks, Identifying attacks with behaviour-based analysis and Building custom protection for applications and APIs.

Related Articles