Stories
Slash Boxes
Comments

SoylentNews is people

posted by martyb on Thursday February 05 2015, @05:02AM   Printer-friendly
from the costly-freeware dept.

BBC reports that Android users are being warned that several popular apps that were on the official Google Play store appear to contain hidden code that made malicious ads pop up with one of the apps — a free version of the card game Durak — downloaded up to 10 million times, according to Google Play's own counter.

The "adware" causes spurious pop-up messages to appear that had been made to look like system notifications that say the phone is running "slow" and that the user needs to install new software to fix the problem. "You get re-directed to harmful threats on fake pages," writes Avast malware analyst Filip Chytry, "like dubious app stores and apps that attempt to send premium SMS behind your back or to apps that simply collect too much of your data for comfort while offering you no additional value."

Several people who had downloaded the Durak card game had posted warnings on Google Play as far back as November 2013, that they suspected it was forcing pop-up ads to appear. Google Play has been plagued by app problems in the past. It has previously offered titles that provide secret remote access as well as ones that are malicious advertising networks. "Phone users ultimately have to trust the operating system vendor," says Steven Murdoch, "whether that's Google or Apple [or someone else] to protect them."

This discussion has been archived. No new comments can be posted.
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
  • (Score: 2) by tibman on Thursday February 05 2015, @05:38AM

    by tibman (134) Subscriber Badge on Thursday February 05 2015, @05:38AM (#141423)

    I blame ebay when i get something that is clearly not what i ordered! j/k i blame myself ;(

    --
    SN won't survive on lurkers alone. Write comments.
    • (Score: 5, Informative) by Anonymous Coward on Thursday February 05 2015, @06:43AM

      by Anonymous Coward on Thursday February 05 2015, @06:43AM (#141429)

      Not to mention that:

      1. Google has blocked the apps and developer already.

      2. The actual offending apps are nowhere near as widespread as initially thought.

      3. The apps concealed their presence by delaying activation for up to 30 days after install.

      4. The malicious code could have been in the ad serving software instead of the apps themselves.

      Note that Google did respond, but the Apple/MS controlled press are still trying to go thermonuclear and just fucking kill Google, so it's being spun way out of proportion. Some of the usual shills are even making pathetic comparisons to MS in the Win 95/98 days...

      Here's what Google actually said:

      Liz Markman, a Google spokeswoman, told The Huffington Post that the three sketchy apps had been pulled by Wednesday. But for many users, the damage was done. The BBC reports that "Durak" had been on Google Play since as far back as November 2013.

      After the problematic apps were downloaded, they prompted pop-ups to appear, as one user demonstrates here. (Source)
      Markman said apps are scanned for malware, spyware and Trojans as they are uploaded to Google Play, but these three clearly slipped through the cracks. Jason Hong, head of app-tracking service PrivacyGrade and an associate professor at Carnegie Mellon University, told HuffPost it's possible that the problem came from malicious ad code rather than the apps themselves. That may have helped them evade detection.

      "It's not entirely clear whether the original app itself was malicious and they just played a long game, or used an advertising network that happened to have a malicious ad," Hong said via email. "If you imagine that an app is made out of Lego pieces, some of these pieces are made by other people."

      • (Score: 4, Insightful) by Anonymous Coward on Thursday February 05 2015, @07:00AM

        by Anonymous Coward on Thursday February 05 2015, @07:00AM (#141431)

        Here's the real scam:

        If you downloaded one of these three apps and want to clear your device of the adware, a representative for Avast said its mobile security app will fix the issue -- but only if you subscribe to the premium version, which is either $1.99 monthly or $14.99 annually.

        Or just go to Settings, then Apps (or the Application Manager, depending on your device), and search through the list for the offending app. When you find it, tap it, and then tap the Uninstall button...

      • (Score: 2, Troll) by Arik on Friday February 06 2015, @01:12AM

        by Arik (4543) on Friday February 06 2015, @01:12AM (#141689) Journal
        "1. Google has blocked the apps and developer already."

        Sure, after distributing malware for years.

        "2. The actual offending apps are nowhere near as widespread as initially thought."

        Not a valid excuse.

        "3. The apps concealed their presence by delaying activation for up to 30 days after install."

        Definitely not a valid excuse. No one noticed that code? //keep track of install date, bad stuff won't start for 30 days.

        "4. The malicious code could have been in the ad serving software instead of the apps themselves."

        WTF? The malware server is to blame? No, the program that connects to it is to blame. Along with the people that wrote the OS that allows it.

        If google actually wanted to protect their customers there are so many places they could and should have stopped this. But the fact is they dont care at all about that, they care about making money from those malware servers so the last thing they will do is block them.

        --
        If laughter is the best medicine, who are the best doctors?
  • (Score: 5, Insightful) by K_benzoate on Thursday February 05 2015, @05:42AM

    by K_benzoate (5036) on Thursday February 05 2015, @05:42AM (#141424)

    For normies, Android is like Windows was around the WinME/2000/XP era: an incredibly powerful machine is given always-on Internet access, little malware protection, and complete trust in the user to be a competent sysadmin. It's no wonder these phones "feel old" before their contracts are up. People have been conditioned to believe the solution is a new $600 phone every 2 years. It's almost like it's a deliberate conspiracy on the part of cellular service providers and handset makers, but I'm more comfortable blaming incompetence and consumerism.

    --
    Climate change is real and primarily caused by human activity.
    • (Score: 5, Insightful) by aristarchus on Thursday February 05 2015, @05:47AM

      by aristarchus (2645) on Thursday February 05 2015, @05:47AM (#141425) Journal

      If you persist in making statements like this:

      and complete trust in the user to be a competent sysadmin.

      We will have to regard you as insane. The user as sysadmin, on an Android device? You make me laugh!

      • (Score: 1) by Anonymous Coward on Thursday February 05 2015, @11:55AM

        by Anonymous Coward on Thursday February 05 2015, @11:55AM (#141466)

        If the user isn't the sysadmin - who is?

        • (Score: 1, Insightful) by Anonymous Coward on Thursday February 05 2015, @01:00PM

          by Anonymous Coward on Thursday February 05 2015, @01:00PM (#141475)

          Teh Google

        • (Score: 3, Insightful) by aristarchus on Thursday February 05 2015, @06:34PM

          by aristarchus (2645) on Thursday February 05 2015, @06:34PM (#141594) Journal

          The person who can actually uninstall all the crap that the carrier or manufacturer has installed on the device! So that means, only those who have rooted their phones. Do you understand now?

    • (Score: 5, Funny) by tibman on Thursday February 05 2015, @06:05AM

      by tibman (134) Subscriber Badge on Thursday February 05 2015, @06:05AM (#141427)

      Ah, i remember those days! You'd get a brand new computer from dell or hp or whatever and it would be full of weird programs that you never wanted and can't get rid of. Good thing we're living in the future and don't have to deal with that anymore : )

      --
      SN won't survive on lurkers alone. Write comments.
      • (Score: 2) by Freeman on Thursday February 05 2015, @06:01PM

        by Freeman (732) on Thursday February 05 2015, @06:01PM (#141578) Journal

        The difference is that bloatware installed on Windows can be removed. Unless the bloatware is called Windows, but that's a whole different point. ;-)

        --
        Joshua 1:9 "Be strong and of a good courage; be not afraid, neither be thou dismayed: for the Lord thy God is with thee"
  • (Score: 1, Insightful) by Anonymous Coward on Thursday February 05 2015, @07:45AM

    by Anonymous Coward on Thursday February 05 2015, @07:45AM (#141436)

    Easy 'fix': Every window that opens on the system contains the name of the app in it's title bar, the same name you see in the app store. This is rendered above everything else by the OS.

  • (Score: 5, Interesting) by PizzaRollPlinkett on Thursday February 05 2015, @11:37AM

    by PizzaRollPlinkett (4512) on Thursday February 05 2015, @11:37AM (#141463)

    Forget the malware, how did they achieve millions of installs for a random Android app?!

    --
    (E-mail me if you want a pizza roll!)
  • (Score: 3, Informative) by Techwolf on Thursday February 05 2015, @02:05PM

    by Techwolf (87) on Thursday February 05 2015, @02:05PM (#141493)

    Google apps does this too. Every once in a while when I use the phone camera, an ad would pop up. After some digging, turns out that using Cyangenmod and long press reviewed the app doing the ad, it was Google own + app. So I am not surprized that some apps on the play store does this too. Good thing there is third party ROMs that can reviel the offending app.