If You Have Children or Grandchildren Read This
Researchers at Check Point have discovered malware in apps aimed at children which display porn advertisements, encourage installation of fake security software, and steal personal information and credentials.
The apps were available from Google Play and since the report (featured below) was published, Google has removed the apps and the developer’s account.
If you have children or grandchildren who have smartphones or tablets, please read the article by Check Point.
Check Point Researchers have revealed a new and nasty malicious code on Google Play Store that hides itself inside around 60 game apps, several of which are intended to be used by children. According to Google Play’s data, the apps has so far been downloaded between 3 million and 7 million times.
How It Works
Dubbed ‘AdultSwine’, these malicious apps wreak havoc in three possible ways:
- Displaying ads from the web that are often highly inappropriate and pornographic.
- Attempting to trick users into installing fake ‘security apps’.
- Inducing users to register to premium services at the user’s expense.
Apart from these current three main activities, the malicious code can use its infrastructure to broaden its goals to other purposes, such as credential theft.
Figure 1: AdultSwine operation flow
Once the malicious app is installed on the device, it waits for a boot to occur or for a user to unlock his screen, upon which it initiates its malicious activity.
Illegitimate and Inappropriate Ads
First, the malicious code contacts its Command and Control server (C&C) to report the successful installation, sends data about the infected device and then receives the configurations, which determine its course of operation. These configurations instruct it on whether to hide its icon (to encumber removal), which ads to display, over which apps and on what terms. It is interesting to note that the server however forbids ads to be displayed over certain apps such as browsers and social networks, in order to avoid suspicion…