Connect with us


Google Play Has At Least 17 Trojan Apps That Can Steal Your Personal Information: Avast




Google Play is said to have at least 17 apps that are a part of a Trojan family called HiddenAds, if cybersecurity firm Avast is to be believed. The apps are found to be a part of a large HiddenAds campaign that initially targeted users in India and Southeast Asia. Avast researchers discovered that these apps are masked as games but are designed to display intrusive ads and can steal personal information of users. The researchers noticed that the Trojan apps have the ability to hide their icons from the affected devices and show timed ads that can’t be skipped.

The team of Avast researchers initially discovered a total of 47 apps belonging to the Trojan family HiddenAds. Google, however, removed 30 of those apps upon receiving the report from the antivirus company.

“Once the user downloads the app, a timer starts within the app. The user is allowed to play the game for a set period of time, after which the timer triggers the hide icon feature of the app,” explained Avast Threat Operations Analyst Jakub Vávra, in a blog post. “Once the icon is hidden, the app starts to display ads throughout the device without needing further actions from the user.”

Some of the Trojan apps discovered by the Avast team are claimed to even open the browser to display intrusive ads to users. Since the apps hide their icon after a certain time limit, their victims aren’t able to understand the origin of the ads they see on their devices. Having said that, the Trojan apps can still be uninstalled through the app manager of the device.

The Avast team found that each of the discovered apps has a separate developer listed on Google Play, with a generic email address. “Similarly, the Terms of Service are identical across the discovered apps, likely pointing to an organised campaign by one actor,” Vávra added.

In total, the apps carrying the Trojan HiddenAds have been downloaded more than 1.5 crore times. Some of the most downloaded titles that were live at the time of filing this story includes Skate Board – New, Find Hidden Differences, Spot Hidden Differences, Tony Shoot – NEW, and Stacking Guys.

The researchers found that the HiddenAds campaign through the apps were most prevalent in Brazil, India, and Turkey. However, it spread across other regions as well.

An email sent to Google didn’t elicit a response at the time of publishing this story.

Not the first time

This is notably not the first time when Google Play is found to have the apps that have the potential to steal user information. In July last year, Avast detected apps that were installed a combined 1,30,000 times with the nature of stalking users. Bot mitigation company White Ops in its research paper published earlier this month also revealed that Google removed at least 38 apps from its Google Play store that infested Android devices with out-of-context advertisements.

As Vávra mentioned in a statement posted on that it is indeed difficult for Google to prevent adware campaigns as there are single developers for each app. “Campaigns like HiddenAds may slip into the Play Store through obfuscating their true purpose or slowly introducing malicious features once already downloaded by users,” analyst said.

Steps to stay away from such apps

Avast has advised users to carefully look for the permissions of the app requests before installing them on their devices. It is also important to take some time and read the privacy policy and terms and conditions of the apps being installed. Furthermore, users are recommended to reconsider downloading the app that has received a large number of negative reviews.

Source link

Continue Reading
Click to comment

Leave a Reply

Your email address will not be published. Required fields are marked *


Facebook Repairs Bug That Prompted Brief iOS App Outages




By Agence France-Presse | Updated: 11 July 2020

Popular smartphone apps including Spotify and Pinterest suffered outages Friday for a few hours due to a bug in Facebook’s systems.

Facebook has resolved the problem, a spokesperson said.

“Earlier today, a code change triggered crashes for some iOS apps using the Facebook SDK,” or software development kit, the spokesperson said.

“We identified the issue quickly and resolved it. We apologise for any inconvenience.”

App users began reporting on Twitter early Friday that they were unable to open Spotify and other sites.

Downdetector, which monitors for internet problems in real time, showed a rise in problems for a number of applications, including Spotify, Pinterest, Waze, and The New York Times.

It reported a major spike in problems around 10:30am GMT (4pm IST), and a decline in user issues at around 1pm GMT (6:30pm IST).

Continue Reading


Amazon Bans, Then Un-Bans TikTok From Employee Mobile Devices




By Agence France-Presse | Updated: 11 July 2020

Amazon on Friday said it mistakenly sent workers an email telling them to dump the TikTok mobile application from their cell phones because of security concerns.

The internal message told workers they could still access the popular video-snippet sharing platform using laptop web browsers, but would lose access to company email on smartphones that have TikTok.

“This morning’s email to some of our employees was sent in error,” an Amazon spokesperson said in reply to an AFP inquiry without going into detail.

“There is no change to our policies right now with regard to TikTok.”

The concern expressed in the internal message appeared to be that the TikTok mobile app could access Amazon company email, according to a copy posted online.

“User security is of the utmost importance to TikTok -– we are fully committed to respecting the privacy of our users,” a spokeswoman for the company said in reply to an AFP inquiry.

She added that TikTok welcomed “a dialogue so we can address any issues they may have.”

The Democratic National Committee is advising campaign staff to avoid using TikTok on personal devices and, if they do, to keep the app on a smartphone separate from that used for work, given the amount of data it can track, a DNC official told AFP.

TikTok this week withdrew from Hong Kong in an exit seen partly as an effort to shake off the “label of it being a company that is controlled by China and shares data with the Chinese government,” Zhu Zhiqun, a political science professor at Bucknell University in the United States, told AFP.

TikTok’s parent company, ByteDance, is based in China.

The app’s feeds of 15- to 60-second video clips are often fun and humorous, featuring everything from make-up tutorials to dance routines.

However, with its rising popularity in the United States, TikTok has also come under increasing scrutiny from the government here.

US President Donald Trump said this week he was considering banning it as a way to punish China over the coronavirus pandemic.

Top US lawmakers have raised concerns over the potential for TikTok to leak user data to the Chinese government.

India — where TikTok is also wildly popular — recently blocked the platform on national security grounds following a deadly border clash between its soldiers and Chinese forces.

TikTok staunchly denies snooping allegations.

“We have never provided user data to the Chinese government, nor would we do so if asked,” a spokesman said on Wednesday.

Continue Reading


TikTok Says Removed Over 49 Million Videos in Second Half of 2019




By Reuters | Updated: 10 July 2020

Social media app TikTok said on Thursday it removed more than 49 million videos from its platform in the second half of last year for violating its guidelines.

These videos accounted for less than 1 percent of the total posted on the platform and fell under categories such as “violent and graphic content, hate speech and adult nudity”, it said in a report released on its website.

About one-third of the videos were from India, followed by the United States, and Pakistan, it added.

The transparency report comes days after the company owned by China’s ByteDance was banned from India, one of its biggest markets, after a Sino-India border clash. The short-form video making app also decided to exit the Hong Kong market following China’s establishment of a sweeping new national security law for the semi-autonomous city.

TikTok launched a new platform to court small business advertisers on Wednesday. The platform, however, was fraught with challenges, especially after the Trump administration’s threat this week to impose a ban on China-based social media apps.

© Thomson Reuters 2020

Continue Reading