Cybersecurity researchers from WhiteOps’ Satori Threat Intelligence and Research team have found a number of malicious apps on the Google Play Store that trick users into seeing unexpected ads.
The investigation by the security team dubbed “CopyCatz” found 164 apps on the Play Store that were masquerading as popular apps to garner downloads and trick users into seeing “whole bunch of unexpected ads,” according to a blog post by the firm.
The apps had over 10 million downloads. However, these apps have been removed from the Play Store, according to the post.
“The Satori team discovered that these apps contain code capable of displaying out-of-context ads under the com.tdc.adservice package,” the blog read.
How these apps behave is controlled using JSON (JavaScript Object Notation), a data-interchange format hosted on Dropbox. The apps were relatively easy to track as they all had the open-source Evernote job scheduler embedded inside used as a persistence mechanism.
Dropbox and Evernote were victims of the operation, WhiteOps clarified.
The apps ranged from gaming apps, internet speed testing apps and video and audio editing apps. The whole list can be found on WhiteOps' blog. Users have been advised to remove such apps and to only install the official version of popular apps from the Play Store to avoid such threats.
Comments
Comments have to be in English, and in full sentences. They cannot be abusive or personal. Please abide by our community guidelines for posting your comments.
We have migrated to a new commenting platform. If you are already a registered user of TheHindu Businessline and logged in, you may continue to engage with our articles. If you do not have an account please register and login to post comments. Users can access their older comments by logging into their accounts on Vuukle.