Google Play’s malicious app problem (infects 1.7 million more devices)

[DeepIn2U]

Google Play’s malicious app problem infects 1.7 million more devices

Wow ... this is a concern that it's happening yet again.

Google Play, the company’s official repository for Android apps, has once again been caught hosting fraudulent and potentially malicious apps, with the discovery of more than 56 apps—many of them for children—that were installed on almost 1.7 million devices.

Tekya is a family of malware that generates fraudulent clicks on ads and banners delivered by agencies including Google’s AdMob, AppLovin’, Facebook, and Unity. To give the clicks the air of authenticity, the well-obfuscated code causes infected devices to use Android’s “MotionEvent” mechanism to imitate legitimate user actions. At the time that researchers from security firm Check Point discovered them, the apps went undetected by VirusTotal and Google Play Protect. Twenty-four of the apps that contained Tekya were marketed to children. Google removed all 56 of the apps after Check Point reported them.

Seems that the issue is these infected apps were written in native code, not java making them harder to decompile for deletion. I'm curious ... can Xcode and Swift apps be decompiled from one developer to the next if the app is available and loaded into Xcode ? Can this occur on iOS/iPadOS as well?

 

[LIVEFRMNYC]

Apple went through the same thing with iOS in late 2019. The purpose of the malware was the same as this, to gain ad revenue.

 

[mi7chy]

Click fraud is an issue on Apple App Store too. Fortunately, most people know better than to willy-nilly install bottom of the barrel crapplets.

https://www.wired.com/story/apple-app-store-malware-click-fraud/