Google Play takes down 63 children's apps after malware discovered

Adjust Comment Print

The malware, dubbed AdultSwine, displayed pornographic images that looked like ads but were actually created to prompt users to download fake security software and, getting users to click on links they then have to pay for. Whereas previously, apps could qualify simply by implementing enhanced notifications, Google's planned policy change for January 18th, 2018 imposed some stricter restrictions. In a statement sent to The Verge, Google pointed out that it also has a Family collection on the Play Store to help parents find age-appropriate content and Family Link, a program for family safety that manages which apps children can use.

The researchers also discovered that the malicious code can move laterally within the phone's infrastructure, opening the door for other attacks, such as user password theft.

The new policy would require apps to work as standalone Wear apps and force Wear APKs to be uploaded to the Play Store as a multi-APK instead of bundling them within phone apps.

Once the infected app is installed on a device, it waits for a user to unlock the screen or start the phone in order to initiate the attack.

Check Point says the "malicious code's own ad library... contains ads of an offensive nature, including pornographic ads".

Adult Swine Android Games Malware
Image Check Point

Along with encouraging users to download scareware and pay for premium services, AdultSwine also stole users' credentials, according to Check Point. Once entered, the malicious code then uses this number to register to premium services.

The 60 games, with names such as "Drawing Lessons Lego Ninjago" and "Subway Banana Run Surf", were downloaded 3 million to 7 million times, Google Play data shows.

Effective protection from attack by these malware-infected games requires users to install advanced mobile threat defence on all mobile devices.

"'AdultSwine' is a particularly insidious malware able to cause emotional distress and financial fraud".

The company is "struggling to keep certain malware outside the App store" because some nasty code can only be detected by dynamically analyzing the context of an app's actions, which is hard to do, a Check Point researcher explains.

Deontay Wilder to defend world title against Luis Ortiz
Wilder will defend his title against Ortiz on March 3 at Barclays Center in Brooklyn, New York, organizers announced Friday. The fact that Ortiz, 38, tested positive for steroids in 2014 left many unwilling to give him the benefit of the doubt.