Millions of people installed infected apps that criminals could use to ‘wreak havoc’ on smartphones

They could cause pornographic ads to appear, attempt to scare users into downloading harmful software, and trick them into signing up for expensive premium services

Aatif Sulleyman
Monday 15 January 2018 14:32
Comments
A 3D printed Android mascot Bugdroid is seen in front of a Google logo in this illustration taken July 9, 2017. Picture taken July 9, 2017
A 3D printed Android mascot Bugdroid is seen in front of a Google logo in this illustration taken July 9, 2017. Picture taken July 9, 2017

Millions of people have downloaded infected apps that could trick them into installing harmful software and signing up for expensive premium services, researchers say.

More than 60 Android apps were found to contain malicious code dubbed ‘AdultSwine’, which is designed to “wreak havoc” on users through their smartphones.

CheckPoint, which discovered the malware, says it causes pornographic and “highly inappropriate” ads to appear on phones, attempts to scare users into installing fake or even harmful apps, and tricks users into registering for premium services.

The researchers add that AdultSwine could also be used by hackers for “a potentially much wider range of malicious activities”, such as social engineering attacks or credential theft.

Some of the infected apps are very popular, and several are aimed at children.

One of the infected apps, called Five Nights Survival Craft, was downloaded by between 1 million and 5 million people. Another, called Mcqueen Car Racing Game, attracted between 500,000 and 1 million downloads.

Apps infected with AdultSwine were downloaded between 3 million and 7 million times, the researchers say.

To sign users up to premium services, the infected apps display a popup ad designed to persuade the user to click through.

“The ad claims that the user is entitled to win an iPhone by simply answering four short questions. Should the user answer them, the malicious code informs the user that he has been successful, and asks him to enter his phone number to receive the prize. Once entered, the malicious code then uses this number to register to premium services,” the researchers said.

The apps also display ads that claim the user’s device has been infected by a virus. Tapping the ad would redirect the user to another app in Google Play that claims to be security software, but may in reality cause more harm than good.

“An experienced eye could easily foresee this tactic, though a child playing a game app is easy prey for such nefarious apps,” the researchers added.

Google has now removed the infected apps from the Play store. You can find a full list of them here.

Register for free to continue reading

Registration is a free and easy way to support our truly independent journalism

By registering, you will also enjoy limited access to Premium articles, exclusive newsletters, commenting, and virtual events with our leading journalists

Please enter a valid email
Please enter a valid email
Must be at least 6 characters, include an upper and lower case character and a number
Must be at least 6 characters, include an upper and lower case character and a number
Must be at least 6 characters, include an upper and lower case character and a number
Please enter your first name
Special characters aren’t allowed
Please enter a name between 1 and 40 characters
Please enter your last name
Special characters aren’t allowed
Please enter a name between 1 and 40 characters
You must be over 18 years old to register
You must be over 18 years old to register
Opt-out-policy
You can opt-out at any time by signing in to your account to manage your preferences. Each email has a link to unsubscribe.

By clicking ‘Create my account’ you confirm that your data has been entered correctly and you have read and agree to our Terms of use, Cookie policy and Privacy notice.

This site is protected by reCAPTCHA and the Google Privacy policy and Terms of service apply.

Already have an account? sign in

By clicking ‘Register’ you confirm that your data has been entered correctly and you have read and agree to our Terms of use, Cookie policy and Privacy notice.

This site is protected by reCAPTCHA and the Google Privacy policy and Terms of service apply.

Register for free to continue reading

Registration is a free and easy way to support our truly independent journalism

By registering, you will also enjoy limited access to Premium articles, exclusive newsletters, commenting, and virtual events with our leading journalists

Already have an account? sign in

By clicking ‘Register’ you confirm that your data has been entered correctly and you have read and agree to our Terms of use, Cookie policy and Privacy notice.

This site is protected by reCAPTCHA and the Google Privacy policy and Terms of service apply.

Join our new commenting forum

Join thought-provoking conversations, follow other Independent readers and see their replies

Comments

Thank you for registering

Please refresh the page or navigate to another page on the site to be automatically logged inPlease refresh your browser to be logged in