Security News > 2020 > March > Dozens of Android Apps for Kids on Google Play Store Caught in Ad Fraud Scheme
More than 50 Android apps on the Google Play Store-most of which were designed for kids and had racked up almost 1 million downloads between them-have been caught using a new trick to secretly click on ads without the knowledge of smartphone users.
While the offending apps have been removed from Google Play, the find by Check Point Research is the latest in an avalanche of ad fraud schemes that have plagued the app storefront in recent years, with malware posing as optimizer and utility apps to perform phony clicks on ads.
Malware Abuses MotionEvent API to Simulate User Clicks Stating that the campaign cloned legitimate popular apps to gain an audience, the newly discovered 56 apps were found bypassing Google Play Store protections by obfuscating its native code and relying on Android's MotionEvent API to simulate user clicks.
The receiver, when it detects these events, then proceeded to load a native library named "Libtekya.so" that includes a sub-function called "Sub AB2C," which creates and dispatches touch events, thereby mimicking a click via the MotionEvent API. An Ongoing Problem of Mobile Ad Fraud Mobile ad fraud manifests in different ways, including threat actors planting malware-laced ads on user phones or embedding malware in apps and online services to generate clicks fraudulently to receive payouts by advertising networks.
Google, for its part, has been actively trying to stop rogue Android apps from infiltrating the Google Play Store.
News URL
http://feedproxy.google.com/~r/TheHackersNews/~3/IAheiFn_tvw/android-apps-ad-fraud.html
Related news
- SpyLoan Android malware on Google play installed 8 million times (source)
- 8 Million Android Users Hit by SpyLoan Malware in Loan Apps on Google Play (source)
- Google Warns of Actively Exploited CVE-2024-43093 Vulnerability in Android System (source)
- Google patches actively exploited Android vulnerability (CVE-2024-43093) (source)
- Google fixes two Android zero-days used in targeted attacks (source)
- Google's mysterious 'search.app' links leave Android users concerned (source)
- Week in review: Zero-click flaw in Synology NAS devices, Google fixes exploited Android vulnerability (source)
- Google launches on-device AI to alert Android users of scam calls in real-time (source)
- Google Warns of Rising Cloaking Scams, AI-Driven Fraud, and Crypto Schemes (source)
- Google's New Restore Credentials Tool Simplifies App Login After Android Migration (source)