Thread Rating:
  • 1 Vote(s) - 5 Average
  • 1
  • 2
  • 3
  • 4
  • 5
Avast_Threat_ Research: HiddenAds campaign on Play Store with 15M+ downloads discover
#1
Bug 
Quote:
[Image: TVDumYE.png]

Avast researchers discover 47 apps on Play Store with intrusive ads and stealth features.

Avast researchers have discovered a large campaign of HiddenAds on the Google Play Store. HiddenAds refers to a family of Trojans that disguise as safe and useful applications, but in fact only serve to display intrusive ads to the user. The discovered apps mask as games and have a timer-triggered hide app icon feature alongside the ability to display device-wide ads. The apps have over 15 million combined downloads on the Play Store.

The initial detection was made through similarities with a previous HiddenAds campaign that was also present on the Play Store. Upon further analysis of the app through apklab.io, Avast researchers were able to identify a wider campaign of 47 apps through shared activities, features, and network traffic. 

It became apparent that these apps are disrupting the user experience based on Play Store reviews. This combined with the apps’ ability to hide their icon and display ads outside the app confirmed that they are part of the HiddenAds family.

Apps like these are considered adware, a type of malware that bombards you with intrusive and consistent ads and can steal your personal information, track you online and more. 

Features to look out for

The main shared feature across these apps is the appearance of a mobile game. Further research showed the games are generally a re-package of an older version of the game with added layers of ads and the hide icon ability. Once the user downloads the app, a timer starts within the app. The user is allowed to play the game for a set period of time, after which the timer triggers the hide icon feature of the app.

Once the icon is hidden, the app starts to display ads throughout the device without needing further actions from the user. The apps have the ability to draw over other apps to display timed ads that cannot be skipped. Several apps even open the browser to display intrusive ads.

Due to the hidden icon, the user may be unsure about the origin of the ads. The app can still be uninstalled through the app manager features of the device but requires the user to search out the source of the ads.

Another shared attribute of these apps is that the developer only has a single app on their developer profile with a generic email address. Similarly, the Terms of Service are identical across the discovered apps, likely pointing to an organized campaign by one actor. 

The apps’ reviews showcase the frustration of the users that downloaded the apps.
...
Continue Reading
Reply


Forum Jump:


Users browsing this thread: 1 Guest(s)
[-]
Welcome
You have to register before you can post on our site.

Username/Email:


Password:





[-]
Recent Posts
Microsoft Edge fixes 0-day vulnerability...
Microsoft released...harlan4096 — 10:12
AnyDesk 8.0.9
AnyDesk 8.0.9:   ...harlan4096 — 10:10
AMD Confirms RDNA 3+ GPU Architecture F...
AMD Zen5-based Strix...harlan4096 — 10:08
Adobe Acrobat Reader DC 24.001.20629 (Op...
Adobe Acrobat Read...harlan4096 — 10:06
FastCopy 5.7.5
FastCopy 5.7.5: ...harlan4096 — 10:04

[-]
Birthdays
Today's Birthdays
No birthdays today.
Upcoming Birthdays
No upcoming birthdays.

[-]
Online Staff
There are no staff members currently online.

>