Cybercriminals started focussing on game apps which are used by children to install fake apps, registering premium services and porn ads.
Security researchers from checkpoint identified the malicious code dubbed “AdultSwine” hides into more than 60 game apps and they are downloaded between 3 million and 7 million times.
The malicious apps targetting victims by displaying inappropriate pornographic ads, tricking to install fake security apps and premium subscriptions.
Once the malicious app is installed on the device, it waits for a boot to occur or for a user to unlock his screen, upon which it initiates its malicious activity, researchers said.
Also Read: A Man Used Fruitfly macOS Malware over 13 Years For Spying Thousand of Computers
Once the malicious app triggered it contacts the C&C server to report installation and provides the device details and it determines which ads to be displayed on which apps.
Then it verifies what are the apps running on the device, once all the conditions satisfied it will start showing inappropriate apps.
It uses to scare use by displaying that your device “infected with a virus” and shows notification “Remove Virus Now” posing a fake virus remover app from the google play store. Even after Google play, crooks find some advanced sophisticated methods to add malicious apps to play store.
Another technique is forcing users to register for fraudulent premium services charging victims credit account, it initially displays a popup add and attempts to convince the user to register for premium service.
It tricks “that user deserving to win an iPhone by answering short questions” and get the number from users and the ad itself register for premium services.
Researchers from Checkpoint notified to google and the affected apps removed now.
PlugX malware is sophisticated in evasion, as it uses the following techniques to avoid detection by antivirus programs, making it…
Hackers exploit Outlook and WinRAR vulnerabilities because these widely used software programs are lucrative targets. Outlook vulnerabilities offer:- Access to…
An unauthenticated Bluetooth keystroke-injection vulnerability that affects Android, macOS, and iOS devices has been discovered. This vulnerability can be exploited…
Atlassian has been discovered with four new vulnerabilities associated with Remote Code Execution in multiple products. The CVEs for these…
Reflectiz, a cybersecurity company specializing in continuous web threat management, proudly introduces a new AI-powered capability enhancing its Smart Alerting…
Spectre is a class of speculative execution vulnerabilities in microprocessors that can allow threat actors unauthorized access to sensitive data.…