Again and again, hackers manage to smuggle malicious software into the Apple and Google app stores by bypassing security measures.
Security researchers from various companies are constantly busy tracking down malware hiding in apps for iOS and Android. TECHBOOK collects all current alerts in this article.
“Clicker” viruses in the Google Play Store
Computer security firm McAfee has identified 16 Android apps containing so-called “clicker” malware. This is a type of malware that automatically visits websites with advertising in the background. The apps themselves disguise themselves as useful tools like barcode scanners, flashlights, and currency converters. Overall, the apps were downloaded 20 million times from the Play Store.
How does clicker malware work?
Once installed, an app infected with this malware sends a signal to a remote server. From there, she gets the command to open masses of websites with advertising in the background. Clicking on advertisements on these sites generates revenue for the hackers. The users hardly notice anything. The process is only noticeable when the apps generate high internet traffic and thus consume a lot of electricity.
Users should delete these Android apps immediately
McAfee has already reported the infected apps to Google and they have been removed from the Play Store. As usual, however, it is now up to users to delete the apps themselves from their smartphones. Here is the full list:
| app name | package name | Downloads |
|---|---|---|
| High speed camera | com.hantor.CozyCamera | 10,000,000+ |
| Smart Task Manager | com.james.SmartTaskManager | 5,000,000+ |
| Flashlight+ | kr.caramel.flash_plus | 1,000,000+ |
| K Dictionary | com.joysoft.wordBook | 1,000,000+ |
| BusanBus | com.kmshack.BusanBus | 1,000,000+ |
| 달력메모장 | com.smh.memocalendar | 1,000,000+ |
| Currency Converter | com.smartwho.SmartCurrencyConverter | 500,000+ |
| quicknote | com.movinapp.quicknote | 500,000+ |
| Flashlight+ | com.candlencom.candleprotest | 500,000+ |
| EzDica | com.joysoft.ezdica | 100,000+ |
| EzNotes | com.meek.tingboard | 100,000+ |
| Instagram profile downloader | com.schedulezero.instapp | 100,000+ |
| joy code | com.joysoft.barcode | 100,000+ |
| 손전등 | com.candlencom.flashlite | 1000+ |
| Flashlight+ | com.dev.imagevault | 100+ |
| 계산기 | com.doubleline.calcul | 100+ |
Adware viruses in iOS and Android
The security researchers from “Human” have found dozens of apps in Apple’s App Store and Google’s Play Store that are infected with so-called adware. Again and again, hackers smuggle their malicious apps past the security measures of the app stores. This is why virus-infected apps for iOS and Android are often only found when they are already installed on many smartphones.
The adware campaign is an advertising scam. This is a known problem: According to the Human Security Report, it is now the third wave, after similar campaigns in 2019 and 2020. The “Satori Threat Intelligence & Research” team uncovered the operation in 2019 and gave it the name “Poseidon”. . The offshoots of the operation are “Charybdis” (2020) and currently “Scylla”.
What is adware?
Adware fraud allows malicious actors to load apps with ads. However, you can also program the apps in such a way that the advertising is invisible to users. This allows them to receive payment from advertisers without actually showing their ads.
These iOS and Android apps are infected with ‘Scylla’ malware
Human has reported the results to Apple and Google as part of its research. Both companies have now deleted the affected apps from their stores. However, if the apps are already installed on the iPhone or Android smartphone, they are not automatically removed. Users must therefore lend a hand and delete them from their smartphones.
In total, 9 iOS apps and 75 Android apps are affected by the adware campaign. Together, the apps have been downloaded more than 13 million times. An abridged overview of virus-infected iOS and Android apps can be found here:
| iOS |
|---|
| Loot the Castle |
| Run Bridge |
| Shinning Gun |
| Racing Legend 3D |
| rope runner |
| Wood Sculptor |
| fire wall |
| Ninja critical hit |
| Android | |
|---|---|
| Super Hero Save the world! | 1,000,000 downloads |
| Spot 10 differences | 1,000,000 downloads |
| Find 5 Differences – New | 1,000,000 downloads |
| Dinosaur legend | 1,000,000 downloads |
| One line drawing | 1,000,000 downloads |
| Shoot master | 1,000,000 downloads |
| Talent Trap – NEW | 1,000,000 downloads |
| Arrow Coins | 500,000 downloads |
| Parking master | 500,000 downloads |
The complete list is available on the Humansecurity reports.
How to protect yourself from malware in iOS and Android
Both Google and Apple have continued to have problems with malware getting into the app stores despite safeguards. The responsibility therefore lies largely with the users. You should make sure that you only install apps from reliable developers, if possible. If you are unsure, the app ratings in the App Store can often help. If there are many negative voices and warnings here, you should keep your hands off the app.
Many malware-infected iOS and Android apps consume mobile data and drain battery life with their background activity. Users should therefore regularly check their data and battery consumption in order to be able to identify abnormal behavior early and delete the relevant apps.