Trojans in
Google Play Store
"Porn Clicker": More than 300 fake games in the App Store
It has again
crept a Trojan in the app store Google Play. The malware exploits no data from,
but without knowledge of the user accepts connection to advertising platforms
with pornography, and also circumvents many antivirus programs.
The security
firm Eset warns the Trojans from the so-called "Porn-Clicker Group",
which masquerades as a special version of popular games in the Google Play
Store. The infected with the Trojan games seem almost unchanged on the right
game by the name, icon design and description in the store. The experts from
the security company could, for example, find more than 60 incorrect versions
of GTA in the Play Store. Also popular game apps like Subway Surfers or Candy
Crush Saga to have been spotted over 30 times in a counterfeit version in the
store.
With the spread
of the Trojan, the makers rely mainly on applications that can be downloaded
from the App Store costs normally and they offer as a supposed free version.
This approach seems to be very successful; Eset recorded in one version, for
example, 100,000 installations. After downloading should notice those concerned
the scam quickly because the apps are not functional.
The download of
the Trojan brings no direct damage to the device. In the blog post Eset
provides that no personal data is tapped or the memory of the phone would be
encrypted. The main task of the Trojan is always in contact with various
advertising platforms take - mainly what with pornography. Eset has analyzed
that the malware opens an invisible browser window and automatically performs
clicks on banners. With this action, the makers of Trojan earn their money.
Eset also
reports that some discovered Porn clicker apps include an integrated antivirus
check, which some suspicious activity will not be carried out with help.
Currently to the Trojans know 56 different anti-virus programs, including
Kaspersky, AVG Cleaner or Dr. Web.
Although there
is no direct harm to users, it can still come for them to unpleasant
situations. A permanent contact with the Command and Control servers at the
expense of the volume of data available. In logfiles also the permanent
connection is indicated to porn websites, what specifically can be
uncomfortable at work?
On the homepage of Eset is a list of MD-5 hashes, the exact app name and the used C & C
servers.
No comments :
Post a Comment