Google culls 60 Android apps after malware pushes porn on children

Postado Janeiro 13, 2018

"It's insidious as it originates in apps downloaded from trusted sources such as Google Play". The researchers said the code could "wreak havoc" in three possible ways: display web ads that were often inappropriate and pornographic, attempt to trick users into installing fake "security apps", and try to make users register for some sort of premium services at a cost.

"We've removed the apps from Play, disabled the developers' accounts, and will continue to show strong warnings to anyone that has installed them", Google said in an emailed statement.

Scare users into installing fake "security apps".

Google has removed from its Google Play Store more than 60 gaming apps, many seemingly targeted at kids, that contained malware that showed pornographic ads. Google says it also vets every app developer in Google Play. After a download, the app only had to wait for a reboot, or for the user to unlock their screen, to start sending information back to a command and control server, which would then serve the ads.

Is Google doing enough to protect against Android app malware? But the fake security app also contains malicious software, or malware.

AdultSwine's third malicious activity is to charge the victim's account for fraudulent premium services they did not request.

The company is "struggling to keep certain malware outside the App store" because some nasty code can only be detected by dynamically analyzing the context of an app's actions, which is hard to do, a Check Point researcher explains.

The scareware "virus removal" tool has also been removed from Google Play for using inappropriate marketing tactics to drive installs.

"Due to the pervasive use of mobile apps, "AdultSwine" and other similar malware will likely be continually repeated and imitated by hackers". "While in some cases this link is merely an advertisement, it could also lead to whatever social engineering scheme the hacker has in mind".

Check Point found the malicious code, named "Adult Swine" by firm, in a number games aimed at children, including McQueen Car Racing Game, an app based on the Disney Pixar character from Cars.