Skip to main content

Google Play’s malicious app problem infects 1.7 million more devices

posted onMarch 25, 2020
by l33tdawg
Arstechnica
Credit: Arstechnica

Google Play, the company’s official repository for Android apps, has once again been caught hosting fraudulent and potentially malicious apps, with the discovery of more than 56 apps—many of them for children—that were installed on almost 1.7 million devices.

Tekya is a family of malware that generates fraudulent clicks on ads and banners delivered by agencies including Google’s AdMob, AppLovin’, Facebook, and Unity. To give the clicks the air of authenticity, the well-obfuscated code causes infected devices to use Android’s “MotionEvent” mechanism to imitate legitimate user actions. At the time that researchers from security firm Check Point discovered them, the apps went undetected by VirusTotal and Google Play Protect. Twenty-four of the apps that contained Tekya were marketed to children. Google removed all 56 of the apps after Check Point reported them.

The discovery “highlights once again that the Google Play Store can still host malicious apps,” Check Point researchers Israel Wernik, Danil Golubenko, and Aviran Hazum wrote in a post published on Tuesday. “There are nearly 3 million apps available from the store, with hundreds of new apps being uploaded daily–making it difficult to check that every single app is safe. Thus, users cannot rely on Google Play’s security measures alone to ensure their devices are protected.”

Source

Tags

Google Industry News

You May Also Like

Recent News

Friday, November 8th

Friday, November 1st

Tuesday, July 9th

Wednesday, July 3rd

Friday, June 28th

Thursday, June 27th

Thursday, June 13th

Wednesday, June 12th

Tuesday, June 11th

Friday, June 7th