Cybercriminals have a good number of tricks to fool you into downloading mobile malware. And they’re not just tricking regular users, they’re fooling app developers too. Look out, if you’re not too careful, you can be their next victim.
Take these freshly outed apps, for example. They’ve been available in the official Google Play Store for months now, amassing millions and millions of downloads.
Unknown to everyone, they are all infected with a sneaky piece of malicious profit-generating software commonly known as adware.
Check your phone now.
Read on and see if any of the more than 200 infected apps are installed on your gadget and remove them immediately.
SimBad has surprises
Security researchers at Check Point discovered a new kind of Android malware disguised as an advertising platform and it is believed to be infecting more 200 apps in the official Google Play. The combined download total of all the apps? More than 150 million.
Most of the apps appear to be mostly simulations games but some are a mish-mash of utilities like photo editors and browsers.
The malware, dubbed as SimBad, apparently sneaks into apps by inserting itself into Software Development Kits (SDK) and by presenting itself to developers as a legitimate ad-serving platform. However, what the developers don’t realize is that the malicious platform is actually piggy-backing their apps to evade the Google Play Store’s app scanning system.
Once an infected app is installed, SimBad opens a backdoor on the phone and installs additional malware. This malware then deletes its app icon and runs persistently in the background, restarting itself every time the infected phone boots up.