Stories
Slash Boxes
Comments

SoylentNews is people

posted by martyb on Friday March 27 2020, @03:33AM   Printer-friendly
from the blind-trust dept.

Google Play, the company's official repository for Android apps, has once again been caught hosting fraudulent and potentially malicious apps, with the discovery of more than 56 apps—many of them for children—that were installed on almost 1.7 million devices.

Tekya is a family of malware that generates fraudulent clicks on ads and banners delivered by agencies including Google's AdMob, AppLovin', Facebook, and Unity. To give the clicks the air of authenticity, the well-obfuscated code causes infected devices to use Android's "MotionEvent" mechanism to imitate legitimate user actions. At the time that researchers from security firm Check Point discovered them, the apps went undetected by VirusTotal and Google Play Protect. Twenty-four of the apps that contained Tekya were marketed to children. Google removed all 56 of the apps after Check Point reported them.

The discovery "highlights once again that the Google Play Store can still host malicious apps," Check Point researchers Israel Wernik, Danil Golubenko, and Aviran Hazum wrote in a post published on Tuesday. "There are nearly 3 million apps available from the store, with hundreds of new apps being uploaded daily–making it difficult to check that every single app is safe. Thus, users cannot rely on Google Play's security measures alone to ensure their devices are protected."

To make the malicious behavior harder to detect, the apps were written in native Android code—typically in the C and C++ programming languages. Android apps usually use Java to implement logic. The interface of that language provides developers with the ease of accessing multiple layers of abstraction. Native code, by contrast, is implemented in a much lower level. While Java can easily be decompiled—a process that converts binaries back into human-readable source code—it's much harder to do this with native code.

Source: ArsTechnica


Original Submission

 
This discussion has been archived. No new comments can be posted.
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
  • (Score: -1, Troll) by Anonymous Coward on Friday March 27 2020, @04:56AM (1 child)

    by Anonymous Coward on Friday March 27 2020, @04:56AM (#976214)

    /me wiggles butt

    Starting Score:    0  points
    Moderation   -1  
       Troll=1, Total=1
    Extra 'Troll' Modifier   0  

    Total Score:   -1  
  • (Score: 2) by DannyB on Friday March 27 2020, @05:55PM

    by DannyB (5839) Subscriber Badge on Friday March 27 2020, @05:55PM (#976387) Journal

    Title: Frosty The Snowman
    Type: Animated Cartoon
    Runtime: 25 minutes
    Plot:

    A group of unruly children conspire to steal the hat of a kindly, hard working magician.

    To cover up their crime, they concoct a highly improbable tale of a snowman that comes to life.

    --
    People today are educated enough to repeat what they are taught but not to question what they are taught.