According to a report, these apps contained a device-draining backdoor that allowed them to surreptitiously download files from an attacker-controlled server. They were removed in the last week of November.
Make your home smarter than the average home
Make your life smarter, simpler, and more convenient with IoT enabled TVs, speakers, fans, bulbs, locks and more.
Click here to know more
Google has removed 22 apps from Play Store after they were found to be containing device-draining backdoors that allowed them to secretly download files from an attacker-controlled server, ArsTechnica reported. These apps have cumulatively been download for over 2 million times. The list includes Sparkle Flashlight, an app that was downloaded for more than 1 million times since it entered Google Play sometime in 2016 or 2017, cybersecurity company Sophos said in a blog post.
The firm claimed that Sparkle Flashlight and two other apps were updated to add the secret downloader in March this year. The remaining apps became available after June and contained the downloader from the start itself. Sophos says that these apps were being used to click on fraudulent ads and ran even after being force-closed causing high battery drain and consumption of huge amount of data. Google removed these apps in the last week of November.
“Andr/Clickr-ad is a well-organized, persistent malware that has the potential to cause serious harm to end users, as well as the entire Android ecosystem. These apps generate fraudulent requests that cost ad networks significant revenue as a result of the fake clicks. From the user's perspective, these apps drain their phone's battery and may cause data overages as the apps are constantly running and communicating with servers in the background. Furthermore, the devices are fully controlled by the C2 server and can potentially install any malicious modules upon the instructions of the server,” Sopos said in the blogpost.
Here is the list of 22 apps that were removed by Google Play Store:
1) Sparkle FlashLight
2) Snake Attack
3) Math Solver
5) Tak A Trip
7) Join Up
8) Zombie Killer
9) Space Rocket
10) Neon Pong
11) Just Flashlight
12) Table Soccer
13) Cliff Diver
14) Box Stack
15) Jelly Slice
16) AK Blackjack
17) Color Tiles
18) Animal Match
19) Roulette Mania
Recently, Google removed 13 apps from Play Store because they were actually malwares that were disguised as apps. An ESET security Researcher Lukas Stefanko tweeted about these apps, demonstrating how they were fake and would hide their app icons on a device after being downloaded and installed. These apps were said to download another APK in the background called ‘Game Center’ and asked the user to install it. Once installed, this app too hides in the background and displays ads when the device is unlocked.
Digit caters to the largest community of tech buyers, users and enthusiasts in India. The all new Digit in continues the legacy of Thinkdigit.com as one of the largest portals in India committed to technology users and buyers. Digit is also one of the most trusted names when it comes to technology reviews and buying advice and is home to the Digit Test Lab, India's most proficient center for testing and reviewing technology products.
We are about leadership-the 9.9 kind! Building a leading media company out of India.And,grooming new leaders for this promising industry.