Contact us today!

Total Tech Care Blog

Total Tech Care has been serving the Oakland Park area since 2001, providing IT Support such as technical helpdesk support, computer support, and consulting to small and medium-sized businesses.

Infected Applications Removed from Google Play Store

Infected Applications Removed from Google Play Store

We all download apps. There are literally millions of apps to choose from and sometimes nefarious developers can get their application published with ulterior motives. A situation has just happened as Google has removed twenty-two apps that were found to contain automated click-fraud scripts from the Google Play Store. We’ll take a short look at what these developers were up to, and how the fraudster would affect you if you were one of the two million users that happened to download these apps.

What Apps?
First, we’ll start with a complete list of the apps that had been infested with this nefarious code:

  • Sparkle FlashLight
  • Snake Attack
  • Math Solver
  • ShapeSorter
  • Tak A Trip
  • Magnifeye
  • Join Up
  • Zombie Killer
  • Space Rocket
  • Neon Pong
  • Just Flashlight
  • Table Soccer
  • Cliff Diver
  • Box Stack
  • Jelly Slice
  • AK Blackjack
  • Color Tiles
  • Animal Match
  • Roulette Mania
  • HexaFall
  • HexaBlocks
  • PairZap

What Did These Apps Do?
SophosLabs found a cache of apps that feature what they call “Andr/Clickr-ad” malware. These applications are engineered with maximum flexibility in mind. They could contact a common attacker-controller server to download what is called an ad-fraud module. It does this every 80 seconds. The malware simply opened a non-visible window and would repeatedly click on ads, making the network look like it was getting more traffic, fraudulently enhancing the developers’ revenue.

No specific ad network was specified by Sophos, but users who had downloaded these applications would see a decrease in the battery life and/or an increase in the amount of data their device would use. One strange part of this is that some of the ad traffic was able to identify itself as from coming from iPhones, despite this appearing on Android-only apps. They came from “Apple models ranging from iPhone 5 to 8 Plus and from 249 different forged models from 33 distinct brands of Android phones.” This ploy was used as a way to increase revenues further as some advertisers will pay a premium to get their ads onto Apple devices. iOS versions of the apps, largely by the same developers, didn’t have the malicious code integrated.

Download Legit Apps
How can you go about making sure that you aren’t part of this problem? Download legitimate applications. Some of the best ways to make sure the apps you are downloading are legit, include:

  • Read a lot of reviews - Much of the information you will need to see the legitimacy of an application can be found in the review of the app in the store. If you make a point to read eight or more reviews, you will quickly get a good idea about how functional the application is.
  • Check app permissions - Applications need permission from a user to use the core functions of the phone. If the application in question tends to need access to functions that it shouldn’t, you should be skeptical about the application.
  • Check the terms and conditions - Most people don’t go through the terms and conditions of anything, let alone an application for their smartphone. Even if you do make a point to read them, the amount of legalese found is akin to a lullaby or a warm glass of milk. The problem for users is that there is a lot of good information about the applications, and specifically how it uses data. If you do set aside some time to read about it, check out some language that is relevant to the way you use the application.
  • Research the developer - Nowadays, software development is filled with people that are looking to make a name for themselves. This type of ambition can lead to bad decision making. If you take some time to do some basic research about the developer of an app you have reason to question, you’ll likely find the truth of whether they can be trusted or not. If they want to be known, they likely promote their work via social media, so, start there.

Android has millions of legitimate applications on the Google Play Store, so worrying whether or not you’ve downloaded one that will put your data at risk shouldn’t be too worrisome as long as you stick to our best practices. To learn more about technology, security, and mobile strategies, call Total Tech Care today at 866-348-2602.



No comments made yet. Be the first to submit a comment
Already Registered? Login Here
Tuesday, 25 June 2019
If you'd like to register, please fill in the username, password and name fields.

Sign Up for Our Newsletter

  • First Name *
  • Last Name *

      Free Consultation

      Sign up today for a
      FREE Network Consultation

      How secure is your IT infrastructure?
      Let us evaluate it for free!

      Sign up Now!

      Free Consultation

      Tag Cloud

      Security Tip of the Week Technology Best Practices Cloud Privacy Hosted Solutions Business Computing Hackers Backup Microsoft Google Business Malware Network Security Internet Efficiency Email Mobile Devices Innovation Software Data Workplace Tips User Tips Productivity Productivity Business Continuity Disaster Recovery Hardware communications IT Services VoIP Browser Smartphones Smartphone Miscellaneous Network Windows 10 Android Computer Business Management Server Upgrade Tech Term Office Outsourced IT Chrome Virtualization Computers Communication Small Business Data Backup Save Money Cybercrime Windows Cloud Computing Managed IT Services Holiday Social Media IT Support Hacking IT Support Alert Data Recovery Managed IT Services Telephone Systems Automation Windows 10 Managed Service Provider Ransomware Microsoft Office Gadgets Artificial Intelligence BYOD Mobile Device Management Recovery Employer-Employee Relationship Mobile Device Collaboration Router Operating System Social Engineering Mobility Quick Tips Internet of Things Cybersecurity Office 365 Mobile Computing App Facebook Money Application Saving Money Passwords Applications Health Users Law Enforcement Spam Remote Monitoring Marketing Office Tips Wi-Fi Password Information Information Technology Bandwidth VPN Networking How To Phishing BDR Private Cloud Flexibility Managed IT HaaS Bring Your Own Device Data Management IT solutions Work/Life Balance Entertainment Website Training Budget Gmail Settings Encryption Google Drive Two-factor Authentication Remote Computing Big Data Avoiding Downtime Mouse Word User Error Vulnerability Meetings Save Time WiFi Hacker Scam Paperless Office History Data Breach Cleaning Apps The Internet of Things USB Wireless Lithium-ion battery Staff Managed Service Connectivity Education Data Security Safety Sports Human Resources Redundancy Firewall Virtual Reality Voice over Internet Protocol Keyboard Government Data Protection Wireless Technology Unified Threat Management Solid State Drive Retail Hard Drives Downtime Computer Accessories Business Intelligence Instant Messaging Comparison Excel Patch Management Wearable Technology Windows 7 Robot CES Data storage Worker Virtual Assistant Access Control Automobile IT Management Biometrics Servers Software as a Service Content Management Telephone System Printer Bluetooth Risk Management IT Plan Computing Infrastructure Machine Learning Blockchain Unsupported Software DDoS Battery Charger IT Consultant End of Support Shadow IT Legal Telephony OneNote Environment Update Physical Security Computer Care Internet Exlporer Humor Fax Server Google Docs Samsung Augmented Reality HIPAA Identity Theft PDF Infrastructure Value Proactive IT Display Spam Blocking Electronic Medical Records SaaS Cryptocurrency Network Congestion Best Practice YouTube Apple Social Fraud Black Market Hiring/Firing eWaste Virus Botnet Document Management Data Storage Emergency Employee Wire Windows Server 2008 Social Networking Amazon Web Services Conferencing Travel Criminal How to Business Technology Manufacturing Administrator Inventory Files Television Managing Stress Chromecast Digital Signage Smart Office Online Shopping Biometric Security Audit Memory Cameras Microchip Specifications Colocation Public Computer Uninterrupted Power Supply Running Cable Virtual Desktop Evernote 5G Computer Fan Monitor Rootkit Search Engine Authentication Millennials Workers Science Going Green Transportation Flash Wireless Charging Printer Server OLED FENG Reputation Vendor Management Streaming Media Bing Nanotechnology Content Workforce IBM Tech Support Laptop Benefits HVAC Sync Customer Relationship Management Cables Techology Cabling Analyitcs Customers Help Desk SharePoint Audiobook Software Tips Programming Telecommuting Supercomputer Emails Touchpad Smart Technology Distributed Denial of Service Enterprise Content Management Customer Service Cortana Default App Digital Signature MSP Shortcuts Devices Politics Remote Work Advertising Current Events Netflix Windows 8 Two Factor Authentication Password Management Google Search Skype Google Apps IT Infrastructure IT service Accountants Root Cause Analysis Notifications Experience Vendor Antivirus Thought Leadership HBO Knowledge Tablet Consultant NIST Net Neutrality Start Menu Analytics Investment Domains Data loss Relocation Remote Worker Music Addiction Outlook Credit Cards Leadership Video Games Best Available ISP Tools Maintenance Password Manager Wiring ROI Smart Tech Worker Commute Screen Mirroring Bloatware Multi-Factor Security Loyalty WIndows 7 Troubleshooting Security Cameras Cache Frequently Asked Questions Business Mangement Scalability Windows 10s Tablets IaaS Safe Mode Cryptomining Camera People Practices Business Owner Cast Entrepreneur Trending NarrowBand Books Smartwatch Wireless Internet Tip of the week Amazon webinar Shortcut Recycling Search Public Cloud Employer Employee Relationship File Sharing Database Warranty PowerPoint Mobile Office Hosted Computing Windows Media Player Cost Management iPhone Assessment User

      Top Blog

      The reasoning for this is simple: you want to make sure that operations are proceeding as intended, even if you’re not there. If you completely check out from the workplace every time you leave, you could return from your vacation to a complete and total disaster that may have been prevented with y...