New malware infects over 36.5 million Android devices to generate fraudulent ad revenue

By Jos ยท 9 replies
May 29, 2017
Post New Reply
  1. Up to 36.5 million Android devices may have been infected with a newly discovered piece of malware that generated fraudulent ad revenue for its creators. The malicious code was spotted in in 41 apps developed by a Korean company named Kiniwini and registered on Google Play as ENISTUDIO Corp., which produces a series of casual cooking and fashion games under the “Judy” brand.

    According to CheckPoint Security, most of these apps have been on the Play Store for a long time but they were all recently updated so it’s unclear as to when the malicious code was added.

    In order to circumvent Google Play’s Protection, the hackers only downloaded the actual malicious payload after the app had been installed by connecting to a C&C server (Command and Control). This includes JavaScript code, a user-agent string and URLs controlled by the malware authors. Once a connection is established, the malware opens said URLs in the background and starts generating clicks.

    Although this is potentially the most widely-spread malware yet found on Google Play, it isn’t the first nor the most damaging. CheckPoint says it did not find any evidence of compromised user data.

    Google has removed the apps after being notified by CheckPoint but you can find the complete list of the affected apps here, and of course, if any of them are on your phone you should uninstall right away.

    Permalink to story.

  2. VitalyT

    VitalyT Russ-Puss Posts: 3,793   +2,118

    Characters straight from Gangnam song. Something is wrong with Koreans these days.
  3. bexwhitt

    bexwhitt TS Guru Posts: 365   +77

    Techspot fails at basic maths and assumes that the affected apps are all downloaded on one per device.
  4. Uncle Al

    Uncle Al TS Evangelist Posts: 3,741   +2,288

    While I am in favor of public execution for hackers, I'm a little less harsh on those that engage in this sort of thing; so lets do something much more humain such as remove their thumbs and index fingers ..... that will slow their skills for awhile and let them ponder what their professional futures will be when caught again and the remainder of their digits are removed ...... Still too harsh???
    Skidmarksdeluxe likes this.
  5. VitalyT

    VitalyT Russ-Puss Posts: 3,793   +2,118

    That mini saw from the last news now seems even more practical...

    Last edited: May 30, 2017
    Uncle Al and Raoul Duke like this.
  6. well it does say "up to" and "may have been", I call them weasel words since they are weaseling out of making a more definitive statement. Like the ads, save up to 50%. Virtually meaningless, is almost everything in the store 50% off, or is it a 'loss leader' that they had 2 items in stock and the rest of the store is like 1% off. You can't tell.
  7. Skidmarksdeluxe

    Skidmarksdeluxe TS Evangelist Posts: 8,647   +3,277

    Too lenient.
    Uncle Al likes this.
  8. Uncle Al

    Uncle Al TS Evangelist Posts: 3,741   +2,288

    Yeah, I suppose I'm getting soft in my old age .......
    Skidmarksdeluxe likes this.
  9. bexwhitt

    bexwhitt TS Guru Posts: 365   +77

    It says "over" in the title, and if that's true D Trump is the best President EVER.
  10. Skidmarksdeluxe

    Skidmarksdeluxe TS Evangelist Posts: 8,647   +3,277

    Actually the opposite is usually true. The older one gets, the more cynical and less tolerant they become of most things... well in my experience anyway.

Similar Topics

Add your comment to this article

You need to be a member to leave a comment. Join thousands of tech enthusiasts and participate.
TechSpot Account You may also...