Symantec Threat Intelligence cyber researchers have discovered 25 new apps hiding an adware: here are which ones they are
New malware alert for 25 dangerous apps found by cyber security researchers on the Google Android Play Store. As has already happened with other apps, these 25 apps also contain adware and, unfortunately, have passed Google’s checks without any major problems.
Aside from being yet another case of the genre, this time things are even worse than in the recent past because, apparently, the developers of the apps in question have applied more refined techniques and strategies than usual to avoid detection. These are apps that load a module in the background with the purpose of making advertisements appear on the infected smartphone and, as a result, make money for the developers, to the detriment of the user as well as the entire advertising circuit and its advertisers.
How the 25 dangerous apps discovered work
The infected apps were discovered by May Ying Tee and Martin Zhang from Symantec Threat Intelligence, who reported them to Google, as is their practice. After installation, the apps download a configuration file from remote servers that contains the adware. At first glance, then, the 25 apps appear “clean”. The adware starts automatically, displaying banner ads and slowing down the device’s performance. In order to make it more difficult for the user to identify which app caused the infection, the display of the banners is random: it may take a few seconds, minutes, or even hours between banners, and it may happen that an advertisement pops up while the user is using another app.
Strategies to stay undetected
May Ying Tee and Martin Zhang noticed that these 25 apps, which in total have been downloaded 2.1 million times, were published in the last 5 months by 22 different developers. But they all include virtually identical pieces of code, which could mean that one developer is behind them, trying to evade scrutiny. When a “rogue” developer is discovered, in fact, very often Google blocks all of its apps in the Play Store while waiting for clarification.
La lista delle 25 app da rimuovere subito
I 25 file Apk scoperti da Symantec sono quasi tutti pacchetti di installazione di app di fotoritocco, come Photo Background Editor Pro, Cut Paste Photo Editor, Face Feature, Photo Cut Studio Professional, Yasuo Fan Art e Auto Blur Photo, e di app dedicate agli appassionati di moda, come Fashion Hairstyles Pic Editor, Latest Hairstyles Free e Hairstyles Photo Editor Plus.
Come difendersi dagli adware
Esiste un modo per difendersi da questa invasione di app che nascondono adware? Oltre a sperare che Google trovi una soluzione per migliorare i sistemi di protezione del Play Store, gli utenti possono seguire delle semplici regoli:
- non installare applicazioni da store di terze parti;
- prima di installare un’app, controllate le recensioni degli altri utenti;
- installare un antivirus Android.
Non sono la soluzione definitiva, ma intanto sono un ottimo modo per bloccare le app pericolose.