If You Have Children or Grandchildren Read This
Researchers at Check Point have discovered malware in apps aimed at children which display porn advertisements, encourage installation of fake security software, and steal personal information and credentials.
The apps were available from Google Play and since the report (featured below) was published, Google has removed the apps and the developer’s account.
If you have children or grandchildren who have smartphones or tablets, please read the article by Check Point.
Malware Displaying Porn Ads Discovered in Game Apps on Google Play
Check Point Researchers have revealed a new and nasty malicious code on Google Play Store that hides itself inside around 60 game apps, several of which are intended to be used by children. According to Google Play’s data, the apps has so far been downloaded between 3 million and 7 million times.
How It Works
Dubbed ‘AdultSwine’, these malicious apps wreak havoc in three possible ways:
- Displaying ads from the web that are often highly inappropriate and pornographic.
- Attempting to trick users into installing fake ‘security apps’.
- Inducing users to register to premium services at the user’s expense.
Apart from these current three main activities, the malicious code can use its infrastructure to broaden its goals to other purposes, such as credential theft.
Figure 1: AdultSwine operation flow
Once the malicious app is installed on the device, it waits for a boot to occur or for a user to unlock his screen, upon which it initiates its malicious activity.
Illegitimate and Inappropriate Ads
First, the malicious code contacts its Command and Control server (C&C) to report the successful installation, sends data about the infected device and then receives the configurations, which determine its course of operation. These configurations instruct it on whether to hide its icon (to encumber removal), which ads to display, over which apps and on what terms. It is interesting to note that the server however forbids ads to be displayed over certain apps such as browsers and social networks, in order to avoid suspicion…
“The apps were available from Google Play and since the report (featured below) was published, Google has removed the apps and the developer’s account.”
These kind of “developers” are despicable.
While I’m glad that Google removed removed these apps and developer accounts, it isn’t enough.
These “developers” will simply open accounts under new names and republish the apps under different names.
It would be more responsible for Google to insure the safety of kids game apps BEFORE making them available for download. I wonder how many kids were exposed to this trash before it was discovered and removed. One kid is one too many.
Perhaps putting anything capable of downloading game apps in the hands of young children should be seriously reconsidered by the parents. Beyond that, a parental control to prevent downloading apps of any kind should be in place, if it isn’t already.