Close
  • Latest News
  • Artificial Intelligence
  • Big Data and Analytics
  • Cloud
  • Networking
  • Cybersecurity
  • Applications
  • IT Management
  • Storage
  • Sponsored
  • Mobile
  • Small Business
  • Development
  • Database
  • Servers
  • Android
  • Apple
  • Innovation
  • Blogs
  • PC Hardware
  • Reviews
  • Search Engines
  • Virtualization
Read Down
Sign in
Close
Welcome!Log into your account
Forgot your password?
Read Down
Password recovery
Recover your password
Close
Search
Logo
Logo
  • Latest News
  • Artificial Intelligence
  • Big Data and Analytics
  • Cloud
  • Networking
  • Cybersecurity
  • Applications
  • IT Management
  • Storage
  • Sponsored
  • Mobile
  • Small Business
  • Development
  • Database
  • Servers
  • Android
  • Apple
  • Innovation
  • Blogs
  • PC Hardware
  • Reviews
  • Search Engines
  • Virtualization
More
    Home Cybersecurity
    • Cybersecurity
    • Mobile

    Google Expunges Apps Tainted With Ad Fraud Malware From Play Store

    By
    Jaikumar Vijayan
    -
    May 27, 2017
    Share
    Facebook
    Twitter
    Linkedin
      Google Ad Blocking

      Google has removed dozens of Android applications from its Play mobile application store after security vendor Check Point Software discovered the apps were infected with malware that trick users into clicking on ads on a massive scale.

      Some of the applications that Check Point discovered appear to have been on Play store for several years and have been downloaded anywhere from 8.5 million times to 36.5 million times, the security vendor said in an alert this week.

      The ad-clicking malware, which Check Point dubbed ‘Judy’, used infected devices to generate a large number of fraudulent clicks on ads posted through the Google’s network.  The operators of the malware earned money for each fraudulent click, while advertisers who paid by click, lost money on each fraudulent impression.

      Check Point described the discovery as likely the largest ever malware campaign uncovered on Google Play.

      The malware was found on more than 40 applications belonging to a Korean company that appeared to be a formally registered business on Google Play, Check Point said. This Korean company makes mobile applications for both Android and IOS environments. 

      “It is important to note that the activity conducted by the malware is not borderline advertising, but definitely an illegitimate use of the users’ mobile devices for generating fraudulent clicks, benefiting the attackers,” Check Point said.

      In addition to generating the fraudulent ad clicks, the Korean company’s apps also sometimes displayed multiple applications at once on a user’s mobile screen leaving them with no option but to click on the ads to exit, the alert said.

      Besides the Korean apps, Check Point said it discovered several Android applications developed by other vendors, running the Judy malware as well.”The connection between the two campaigns remains unclear, and it is possible that one borrowed code from the other, knowingly or unknowingly,” Check Point’s mobile research team said in the alert.

      Google uses a technology dubbed Bouncer to inspect all Android applications for malware and other potentially harmful code before allowing the app into Play store. In order to get around Bouncer the operators of Judy first uploaded a seemingly benign application to Google’s app store.

      When a user downloaded the app, it promptly established a connection with a malicious server and downloaded the ad clicking malware from there. The malware would then use a series of subterfuges to locate and click on targeted banner ads in Google’s ad infrastructure Check Point said.

      Google did not respond to a request seeking comment on Check Point’s discovery or on how the malicious behavior remained undetected for so long.

      This is by far not the first time that security researchers have discovered Android apps on Play behaving in a malicious way. Google itself has frequently reiterated its commitment to ensuring that apps loaded to Play store are malware free. Just last week, the company announced Play Protect, a technology that continuously scans Android devices used in the workplace for malware and malicious behavior.

      But almost as frequently as the company has updated its defenses, malware authors have been able to sneak past them. Earlier this year for instance Check Point discovered a new variant of a malware dubbed HummingBad in some 20 Android apps on Google Play, including some that had been downloaded millions of times. In March, Google scrambled to remove some 132 Android apps from Play after security vendor Palo Alto Network said it discovered the apps contained malware.

      Google’s security researchers have often publicly called out other software vendors for security failures in their products. But as Check Point’s disclosure this week would suggest, Google itself, like every other vendor, appears to be having its own share of security problems.

      Jaikumar Vijayan
      Vijayan is an award-winning independent journalist and tech content creation specialist covering data security and privacy, business intelligence, big data and data analytics.
      Get the Free Newsletter!
      Subscribe to Daily Tech Insider for top news, trends & analysis
      This email address is invalid.
      Get the Free Newsletter!
      Subscribe to Daily Tech Insider for top news, trends & analysis
      This email address is invalid.

      MOST POPULAR ARTICLES

      Latest News

      Zeus Kerravala on Networking: Multicloud, 5G, and...

      James Maguire - December 16, 2022 0
      I spoke with Zeus Kerravala, industry analyst at ZK Research, about the rapid changes in enterprise networking, as tech advances and digital transformation prompt...
      Read more
      Applications

      Datadog President Amit Agarwal on Trends in...

      James Maguire - November 11, 2022 0
      I spoke with Amit Agarwal, President of Datadog, about infrastructure observability, from current trends to key challenges to the future of this rapidly growing...
      Read more
      IT Management

      Intuit’s Nhung Ho on AI for the...

      James Maguire - May 13, 2022 0
      I spoke with Nhung Ho, Vice President of AI at Intuit, about adoption of AI in the small and medium-sized business market, and how...
      Read more
      Applications

      Kyndryl’s Nicolas Sekkaki on Handling AI and...

      James Maguire - November 9, 2022 0
      I spoke with Nicolas Sekkaki, Group Practice Leader for Applications, Data and AI at Kyndryl, about how companies can boost both their AI and...
      Read more
      Cloud

      IGEL CEO Jed Ayres on Edge and...

      James Maguire - June 14, 2022 0
      I spoke with Jed Ayres, CEO of IGEL, about the endpoint sector, and an open source OS for the cloud; we also spoke about...
      Read more
      Logo

      eWeek has the latest technology news and analysis, buying guides, and product reviews for IT professionals and technology buyers. The site’s focus is on innovative solutions and covering in-depth technical content. eWeek stays on the cutting edge of technology news and IT trends through interviews and expert analysis. Gain insight from top innovators and thought leaders in the fields of IT, business, enterprise software, startups, and more.

      Facebook
      Linkedin
      RSS
      Twitter
      Youtube

      Advertisers

      Advertise with TechnologyAdvice on eWeek and our other IT-focused platforms.

      Advertise with Us

      Menu

      • About eWeek
      • Subscribe to our Newsletter
      • Latest News

      Our Brands

      • Privacy Policy
      • Terms
      • About
      • Contact
      • Advertise
      • Sitemap
      • California – Do Not Sell My Information

      Property of TechnologyAdvice.
      © 2022 TechnologyAdvice. All Rights Reserved

      Advertiser Disclosure: Some of the products that appear on this site are from companies from which TechnologyAdvice receives compensation. This compensation may impact how and where products appear on this site including, for example, the order in which they appear. TechnologyAdvice does not include all companies or all types of products available in the marketplace.

      ×