Advertisements

Monday, 4 February 2019

Google bans several beauty apps from the Play Store that redirect users to phishing websites, steal pictures and more

According to security researchers, several beauty camera apps on Google Play are capable of accessing remote ad configuration servers that can be used for malicious purposes. What's not surprising is that some of these apps have millions of downloads given the popularity. A large number of the download counts originated from Asia, particularly in India. A user can't suspect any one of these apps immediately after downloading until after they decide to delete the app. These apps usually create a shortcut after being launched. However, it will hide its icon from the application list, making it more difficult for users to uninstall the app since it is hidden. Furthermore, these apps use packers to prevent them from being analyzed. Not stopping there, these apps push several full-screen ads when users unlock their devices, including malicious ads (such as fraudulent content and pornography) that will pop up via the user’s browser. The analysis found that a paid pornography player detected as AndroidOS_PornPlayer.UHRXA that was downloaded when clicking the pop-up. None of these apps give any indication that they are the ones behind the ads, thus users might find it difficult to determine where they’re coming from. Some of these apps redirect to phishing websites that ask ...