Malware Displaying Porn Ads Discovered in Game Apps on Google Play

Share

There are a bunch of apps that make Google's operating system awesome, but what many people don't know is that none of them would work without Play Services.

In this case, the hidden code inside the offending apps, dubbed AdultSwine, will either show pornographic ads from a third-party server or through the code's own ad library, Check Point said. Google has said that the company manually reviews ads and has strict category checks to help children have a safe experience.

Another technique used by the malicious app is registering to premium services and charging the victim's account for fraudulent premium services they did not request. Check Point didn't explain how the malicious code found its way inside otherwise-innocuous apps, but it did demonstrate how the attack worked once the game was downloaded. Google was keen to add that the issue doesn't exploit vulnerabilities in Android security, and that users' devices weren't affected. Some of the removed games have been downloaded over 1 million times, like Five Nights Survival Craft and McQueen Car Racing Game, based on the Disney Pixar character from the film Cars.

Updated with new information from Google. While the AdultSwine malware games only seem to display ads they receive from the C&C, there could be other unknown intentions of the attacker that are now unknown, possibly, credential theft.

E Coli Outbreak Spreads to 15 States; Leafy Greens Suspected
The cases in the United States are the same strain as the cases in Canada, and some of them have the same genetic fingerprint. She said it's still unclear whether FDA is intensifying testing of US and imported products in the wake of Canada's findings.

The security firm was able to provide a list of games infected with this malicious code and they have now been removed from the Google Play Store. It might, for example, tell users they could win a "free iPhone" by answering a few questions before prompting them to enter a phone number.

While Google is actively scanning the Play Store for malicious coding and malware, there are challenges with keeping that coding out of the app store.

First discovered and reported by security firm CheckPoint, AdultSwine was found in apps named "Drawing Lessons Angry Birds", "Temple Crash Jungle Bandicoot", "Fidget Spinner Toy", and more.

Apple's App Store does contend with malware but, due in large part to tighter restrictions and a far smaller number of apps and users, the iOS App Store appears to be hit less frequently with malware outbreaks than its Android counterpart.

Share