Google Play is fighting an uphill battle against Android adware

Enlarge (credit: SophosLabs)
Google’s official Play marketplace is waging an uphill battle against Android apps that display an unending stream of popup ads even when users try to force them to stop, researchers said Friday.
The researchers, from UK…

Enlarge (credit: SophosLabs)

Google's official Play marketplace is waging an uphill battle against Android apps that display an unending stream of popup ads even when users try to force them to stop, researchers said Friday.

The researchers, from UK-based SophosLabs, said they have found a total of 47 apps in the past week that collectively have racked up as many as 6 million downloads. They all use a third-party library that bombards users with ads that continue to display even after users force-close the app or scrub memory. In a blog post, SophosLabs said Google has removed some of the privately reported apps while allowing others to remain.

The MarsDae library that's spawning the popup torrent supports Android versions 2.3 through 6, as well as Samsung, Huawei, Mizu, Mi, and Nexus devices. One app that incorporates MarsDae, SophosLabs said, is Snap Pic Collage Color Splash, which remained available on Google servers as this post was being prepared. Snap Pic has been downloaded from 50,000 to 100,000 times. Once installed, it displays ads on the Android home screen. Even after a user uses the Android settings to force close the app, the ads resume a few seconds later.

Read 3 remaining paragraphs | Comments

Covert downloaders found preinstalled on dozens of low-cost Android phone models

Dozens of low-cost Android phone models come preinstalled with apps that covertly download and install adware and other unwanted programs, researchers said.
At least 26 phone models come preinstalled with a downloader dubbed Android.DownLoader.4…

Dozens of low-cost Android phone models come preinstalled with apps that covertly download and install adware and other unwanted programs, researchers said.

At least 26 phone models come preinstalled with a downloader dubbed Android.DownLoader.473.origin, according to a blog post published Monday by antivirus provider Doctor Web. Doctor Web researchers described the app as a downloader trojan that can download not only benign applications but also malicious and unwanted ones. One such app, known as H5GameCenter, displays ads on top of running applications. The image can't be removed, and infected users report that when they uninstall the app, Android.DownLoader.473.origin quickly downloads and installs it again.

Another preinstalled downloader Doctor Web detected is known as Android.Sprovider.7 and comes encrypted inside another app. It has the ability to automatically download Android application files and install them when users click on a confirmation button, make phone calls to certain numbers, and show ads on top of apps.

Read 3 remaining paragraphs | Comments

After hiatus, in-the-wild Mac backdoors are suddenly back

Three new pieces of Mac-targeting malware access webcams, passwords, and more.

After taking a hiatus, Mac malware is suddenly back, with three newly discovered strains that have access to Web cameras, password keychains, and pretty much every other resource on an infected machine.

The first one, dubbed Eleanor by researchers at antivirus provider Bitdefender, is hidden inside EasyDoc Converter, a malicious app that is, or at least was, available on a software download site called MacUpdate. When double clicked, EasyDoc silently installs a backdoor that provides remote access to a Mac's file system and webcam, making it possible for attackers to download files, install new apps, and watch users who are in front of an infected machine. Eleanor communicates with control servers over the Tor anonymity service to prevent them from being taken down or being used to identify the attackers.

"This type of malware is particularly dangerous as it's hard to detect and offers the attacker full control of the compromised system," Tiberius Axinte, technical leader of the Bitdefender Antimalware Lab, said in a blog post published Wednesday. "For instance, someone can lock you out of your laptop, threaten to blackmail you to restore your private files or transform your laptop into a botnet to attack other devices."

Read 9 remaining paragraphs | Comments

Popularity of Apple devices prompts surge of new threats

Apple users can no longer be complacent about security, as the number of infections and new threats rises.

続きを読む

Apple users can no longer be complacent about security, as the number of infections and new threats rises.

続きを読む