'SimBad': Android Adware Hits 210 Apps with 150M Downloads
Google has removed infected applications from the Google Play store after a form of adware potentially affected millions of users.
SimBad, a newly discovered form of adware, was discovered on 210 Android apps on the Google Play store. About 150 million people had download the apps, Check Point reports.
This particular malware exists in the RXDrioder software development kit, researchers report. They believe developers were tricked into using the SDK, unaware it was malicious. They also point out the campaign did not target a specific country or apps created by the same developer.
When a user downloads and installs an infected application, most of which are simulator games, SimBad can perform actions after the device finishes booting and while the user is on his device. The malware connects to a command-and-control server and can perform any of several capabilities. For example, researchers say, its operators could display background ads for their own profit.
SimBad's authors also could open a given URL in a browser, a capability they could use to generate phishing pages across platforms and launch spear-phishing attacks. They also could open market applications (Google Play, 9Apps) to specific apps and increase their profits.
Google "was swiftly notified" and has removed the infected apps from the Google Play store.
Read more details here.
Join Dark Reading LIVE for two cybersecurity summits at Interop 2019. Learn from the industry's most knowledgeable IT security experts. Check out the Interop agenda here.
About the Author
You May Also Like
Applying the Principle of Least Privilege to the Cloud
Nov 18, 2024The Right Way to Use Artificial Intelligence and Machine Learning in Incident Response
Nov 20, 2024Safeguarding GitHub Data to Fuel Web Innovation
Nov 21, 2024The Unreasonable Effectiveness of Inside Out Attack Surface Management
Dec 4, 2024