43 Android apps in Google Play with 2.5M installs loaded ads when a phone screen was offSecurity Affairs

Experts found 43 Android apps in Google Play with 2.5 million installs that displayed advertisements while a phone’s screen was off.

Recently, researchers from McAfee’s Mobile Research Team discovered 43 Android apps in Google Play with 2.5 million installs that loaded advertisements while a phone’s screen was off.

The experts pointed out that this behavior violates Google Play Developer policy, in impacts the advertisers who pay for Ads that will be never displayed to the users, and also the users because it drains battery, consumes data, and exposes them to multiple risks, including information leaks and disruption of user profiling caused by Clicker behavior. 

The malicious apps include TV/DMB players, music downloaders, news apps, and calendar applications.

Google Play

The Ad Fraud campaign uncovered by McAfee targeted mainly Korean Android users.

According to the report the ad fraud library used in this campaign implements specific tricks to avoid detection and inspection, such as delaying the initiation of its fraudulent activities.

“It deliberately delays the initiation of its fraudulent activities, creating a latent period from the time of installation. What’s more, all the intricate configurations of this library can be remotely modified and pushed using Firebase Storage or Messaging service. These factors significantly add to the complexity of identifying and analyzing this fraudulent behavior.” reads the report. “Notably, the latent period typically spans several weeks, which makes it challenging to detect.”

The rogue apps start fetching and loading the ads when the device screen is turned off after the latent period. The users will never know that their devices are involved in this fraudulent scheme. The ad library registers device information by accessing the unique domain (ex: mppado.oooocooo.com) linked with the application. The app retrieves the specific advertisement URL from Firebase Storage and shows the ads.  

However, quickly turning on the

Read More ...

Android telephones sold to consumers in China uncovered to be loaded with apps that send person information to third parties

Android phones sold to customers in China found to be loaded with apps that send user data to third parties
The ECDF of the number of dangerous permissions requested by just about every category of offers in each handset. Credit history: arXiv (2023). DOI: 10.48550/arxiv.2302.01890

A group of personal computer scientists, two from the University of Edinburgh, and a 3rd from Trinity School, has located that telephones obtained by buyers in China are riddled with software package that repeatedly sends user facts to third functions without the authorization or even awareness of the phone’s end users. Haoyu Liu, Douglas Leith and Paul Patras have summarized their results in a paper posted on the arXiv preprint server.

In the U.S. and many other nations, cellphone users acquire their privateness seriously—the maker of the cell phone, its operating program or mounted applications are all anticipated to maintain a rigorous level of safety. That protection does not show up to be the norm for distributors in China. In this new work, the scientists acquired a variety of telephones in China and examined how well they safeguard private person information.

The tests involved telephones designed by corporations this kind of as OnePlus, Oppo Realme and Xiamoi, which are all well-known in China. They analyzed not only the mounted applications, but the underlying working program, a modified version of Android. Their in general intention was to establish the form and amount of money of individually identifiable information (PII) staying sent from the phones to third parties.

The research workforce uncovered that the telephones have been rife with purposes sending user data to a wide range of 3rd events, all with no permission. In the course of testing, they established phones to decide out of sending any kind of data to suppliers or any other 3rd parties, and did not join to cloud programs. However, programs despatched data to the makers of the cell phone, community

Read More ...