Researchers this week identified 35 apps representing more than 2 million downloads that have snuck into the Google Play Store — apps that hide their presence on a device by renaming themselves and changing their icon, then start showing aggressive ads .
In a Wednesday blog post, Bitdefender researchers explained that one of the ways cybercriminals monetize their presence on Google Play is by serving ads to their victims.
The researchers said that although it looks good at first, the danger here is that the advertisements served to the victims disrupt the user experience and may be directly linked to malware.
Advertising
Third-party code buried in mobile apps has become a growing cybersecurity risk for both consumers and organizations, said Chris Olson, chief executive officer of The Media Trust. Olson said that while the apps named in Bitdefender’s study were clearly created with malicious intent, more legitimate apps are not free from danger either. He said that the average mobile app today contains up to 30 third-party APIs that malicious actors can use to distribute phishing links, track user activity across the web, and steal location/ device.
“With the help of location-based targeting and audience segmentation, cyber actors can zero in on members of specific organizations and use their mobile device as a launching pad for deeper penetration and recognition. flare-ups,” Olson said. “Ultimately, organizations need to be more aware of their digital perimeter and the dangers inherent in the web applications and platforms they use every day. »
John Bambenek, principal threat hunter at Netenrich, added that as consumers move more of their digital lives and sensitive information to their mobile devices, criminals will continue to target platforms such as Google Play.
“The easiest way is to use rogue apps, which means trying to trick the App Store and its automated detection system,” Bambenek said. “In an ecosystem designed to be open, it becomes a rat race, much like we did to stay ahead of endpoint malware. »