Tech
Google Plays malware attack infects 1.7 million additional devices
google play, the company’s official repository for Android apps, was again caught hosting fraudulent and potentially malicious apps, with the discovery of over 56 apps, many of them for children, that were installed on nearly 1.7 million devices.
Tekya is a family of malware that generates fraudulent clicks on advertisements and banners disseminated by agencies such as Googles AdMob, AppLovin, Facebook and Unity. To make clicks look authentic, the well-obscured code forces infected devices to use the Androids MotionEvent mechanism to mimic legitimate user actions. When researchers at the security company Check Point discovered them, the applications were not detected by VirusTotal and Google Play Protect. Twenty-four of the applications containing Tekya have been marketed to children. Google deleted the 56 apps after Check Point reported them.
The discovery highlights once again that the Google Play Store can still host malicious applications, wrote Check Point researchers Israel Wernik, Danil Golubenko and Aviran Hazum in a publication published Tuesday. There are nearly 3 million apps available in the store, with hundreds of new apps downloaded daily, it’s hard to verify that each app is safe. Thus, users cannot rely solely on Google Plays security measures to ensure the protection of their devices.
Become native
To make malicious behavior more difficult to detect, applications have been written in native Android code in the C and C ++ programming languages. Android applications generally use Java to implement logic. The interface of this language offers developers easy access to several layers of abstraction. Native code, on the other hand, is implemented at a much lower level. While Java can easily be decompiled, a process that converts binaries back to human readable source code is much more difficult to do with native code.
Once installed, Tekya applications record a broadcast receiver which performs several actions, in particular:
- BOOT_COMPLETED to authorize the execution of the code when the device starts (cold start)
- USER_PRESENT to detect when the user is actively using the device
- QUICKBOOT_POWERON to authorize the execution of the code after restarting the device
The only purpose of the receiver is to load the native libtekya.so library into the libraries folder inside the .apk file of each application. The Check Point publication provides much more technical details on how the code works. Google officials have confirmed that the apps have been removed from Play.
But wait . . . There is more
In addition, antivirus provider Dr.Web reported on Tuesday the undisclosed number of Google Play apps discovered, downloaded over 700,000 times, which contained malware nicknamed Android.Circle.1. The malware used code based on the BeanShell scripting language, and combined both advertising and click fraud. The malware, which had 18 modifications, could be used to carry out phishing attacks.
The Dr.Web publication did not name all of the applications that contained Android.Circle.1. The few applications identified were: BlackDark Background Wallpaper, Horoscope 2020Zodiac Horoscope, Sweet Meet, Cartoon Camera and Bubble Shooter. Google has removed all applications reported by Dr.Web. The 56 applications discovered by Check Point, meanwhile, are in Tuesday’s Check Point post, which is again here.
Android devices often uninstall apps after being deemed malicious, but the mechanism doesn’t always work as expected. Readers may want to check their devices to see if they have been infected. As always, readers must be very selective in the applications they install. Undoubtedly, Google scans detect a large percentage of malicious apps submitted to Play, but a significant number of users continue to be infected with malware that bypass these checks.
What Are The Main Benefits Of Comparing Car Insurance Quotes Online
LOS ANGELES, CA / ACCESSWIRE / June 24, 2020, / Compare-autoinsurance.Org has launched a new blog post that presents the main benefits of comparing multiple car insurance quotes. For more info and free online quotes, please visit https://compare-autoinsurance.Org/the-advantages-of-comparing-prices-with-car-insurance-quotes-online/ The modern society has numerous technological advantages. One important advantage is the speed at which information is sent and received. With the help of the internet, the shopping habits of many persons have drastically changed. The car insurance industry hasn't remained untouched by these changes. On the internet, drivers can compare insurance prices and find out which sellers have the best offers. View photos The advantages of comparing online car insurance quotes are the following: Online quotes can be obtained from anywhere and at any time. Unlike physical insurance agencies, websites don't have a specific schedule and they are available at any time. Drivers that have busy working schedules, can compare quotes from anywhere and at any time, even at midnight. Multiple choices. Almost all insurance providers, no matter if they are well-known brands or just local insurers, have an online presence. Online quotes will allow policyholders the chance to discover multiple insurance companies and check their prices. Drivers are no longer required to get quotes from just a few known insurance companies. Also, local and regional insurers can provide lower insurance rates for the same services. Accurate insurance estimates. Online quotes can only be accurate if the customers provide accurate and real info about their car models and driving history. Lying about past driving incidents can make the price estimates to be lower, but when dealing with an insurance company lying to them is useless. Usually, insurance companies will do research about a potential customer before granting him coverage. Online quotes can be sorted easily. Although drivers are recommended to not choose a policy just based on its price, drivers can easily sort quotes by insurance price. Using brokerage websites will allow drivers to get quotes from multiple insurers, thus making the comparison faster and easier. For additional info, money-saving tips, and free car insurance quotes, visit https://compare-autoinsurance.Org/ Compare-autoinsurance.Org is an online provider of life, home, health, and auto insurance quotes. This website is unique because it does not simply stick to one kind of insurance provider, but brings the clients the best deals from many different online insurance carriers. In this way, clients have access to offers from multiple carriers all in one place: this website. On this site, customers have access to quotes for insurance plans from various agencies, such as local or nationwide agencies, brand names insurance companies, etc. "Online quotes can easily help drivers obtain better car insurance deals. All they have to do is to complete an online form with accurate and real info, then compare prices", said Russell Rabichev, Marketing Director of Internet Marketing Company. CONTACT: Company Name: Internet Marketing CompanyPerson for contact Name: Gurgu CPhone Number: (818) 359-3898Email: [email protected]: https://compare-autoinsurance.Org/ SOURCE: Compare-autoinsurance.Org View source version on accesswire.Com:https://www.Accesswire.Com/595055/What-Are-The-Main-Benefits-Of-Comparing-Car-Insurance-Quotes-Online View photos
picture credit
to request, modification Contact us at Here or [email protected]
 |
 |
 |
3 Comments