Symantec discovers malware that hides icons, shows fullscreen ads
Symantec has always been pro-active when it comes to checking out all kinds of malware and adware. It may not track all viruses available out there but the team knows what to prioritize. Just a few months ago, the research firm reported Telegram and WhatsApp for Android were victims of Media File Jacking. Another group recently discovered some gaming and photography apps pose as adware so there was a call to delete those apps and disallow apps to create shortcuts.
The discovery of malicious apps is important because they tell people what to expect and do. There are different types of malware or adware they are approached differently. The latest batch reported by Symantec is a hidden app malware.
The new malware behaves by hiding apps after installation and then showing full-screen advertisements which can be really annoying. Small ads that appear as notifications may be forgivable but we’re talking about fullscreen images here.
The hidden malware is said to have been download over 2.1 million times from the Google Play Store. There is no information when it exactly started but the questionable apps have already been deleted from the Play Store. Symantec submitted a report to Google and the tech giant complied.
The malicious apps also include 25 Android Package Kits that disguise themselves as fashion and photo utility apps. About 22 developer accounts were used to publish the apps. These apps appeared tempting and useful and we have no doubts they had potential to be helpful but they’re suddenly hidden to do secret stuff–by that we mean display ads.
Symantec reviewed the hidden apps and noticed they have a similar app content and code structure which mean developers are the same, or at least, are part of one group. What usually happens is a third-party service secretly requests a to download a remote configuration file in the background. What happens then, the icons are hidden and then ads are shown. Good thing Symantec immediately intercepted the malicious activities as noted in the apps’ code.
We’ll never understand how some developers and published can be ruthless but you know, it’s all about the money. More ads being displayed, the more money can get in.
