Friday, January 15, 19:29
Home security Google Play applications install malware

Google Play applications install malware

White Ops discovers a collection of Android apps that have installed a hidden browser to load malicious ads. Google has removed an unknown number of Android apps from the official Google Play Store that appear to have been part of a botnet ad scam.

This botnet called Terracotta was discovered by the security team Satori of White Ops, a security company that specializes in locating muzzle.

White Ops researchers say they have been tracking Terracotta since late 2019 when the botnet appeared to have been first released.

According to the researchers, Terracotta worked by uploading apps to the Google Play Store that promised users free products if they installed the apps on Appliances their.

Applications usually offer free shoes, boots and sometimes tickets, coupons and expensive dental treatments. Users were asked to install application and then wait two weeks to receive the free products, during which they had to leave the app installed on their smartphone.

Google-Android apps-Facebook credentials Google play

However, the applications downloaded and ran a modified version of WebView, a weaker version of Google Chrome. Terracotta gang launches modified WebView browser without realizing it user and committed an ad scam by uploading ads and monetizing fake ad impressions.

The White Ops team described Terracotta as "a complex and huge bot". It was complicated because it used advanced techniques to avoid detection by fake networks advertisements and it was huge because of the scale at which it operated.

For example, White Ops said that in the last week of June alone, the Terracotta botnet "loaded" more than two billion ads in 65.000 infected smartphone.

Some Terracotta applications have been removed from Google Play

Currently, after Google's intervention, the presence of botnet in the Play Store has been reduced, but it has not been completely removed, with some devices appearing to be infected.

Some users may think that because Terracotta malware cheated ad networks rather than directly users, this botnet may not be a problem for them, but on infected devices, malicious applications often cause problems with the battery after running around the clock.

Unfortunately, White Ops has not released a list of applications that have been infected with Terracotta. However, the good news is that when Google removes malicious apps from the Play Store, it also disables malicious apps. applications on all users' devices, stopping their malicious behavior.


Please enter your comment!
Please enter your name here

Teo Ehc
Teo Ehc
Be the limited edition.


Android: How to see which apps have access to your site

It's no secret that smartphone apps have access to many permissions - if you let them. It is important to make sure ...

Canon lets you take pictures from space

Instead of releasing new cameras for CES 2021, Canon is doing something different: It lets you take pictures from space ....

Wikipedia vs Big tech: Who fights misinformation?

As Election Day turned into US Election Week, Facebook, Twitter and YouTube were trying to prevent ...

Tesla: It is called to recall cars due to problematic screens

The touch screen in some Tesla cars seems to have a problem, which could ...

Ransomware is responsible for half of all data breaches in hospitals

Almost half of the data breaches committed in hospitals and the wider healthcare sector are due to ransomware attacks, ...

Astronomers have just found the oldest oversized black hole

A quasar was discovered in a dark corner of space - over 13,03 billion light-years away - and contains a ...

What are the best and most affordable 5G phones for 2021

The market will soon be flooded with mid-range 5G devices. Everything that happens will be really exciting: you will be able to ...

Verified Twitter accounts in a cryptocurrency scam with the name of Elon Musk violated!

Lately, hackers have been violating verified Twitter accounts in a cryptocurrency giveaway scam, in which the name of the CEO is used ...

Classiscam: Fraudsters "fake" brands and deceive users of European markets!

Dozens of criminal gangs publish fake ads in popular online markets, to attract unsuspecting users to "fraudulent" commercial sites or phishing ...

iOS 14.4: Displays a notification for repairs with non-genuine cameras

Starting with the iPhone 11, Apple has added a notification to iOS that tells the user when the device has a ...