Millions of Android users were infected this week through applications that were downloaded from Google Play. According to the antivirus software firm Avast, the malware code was imbedded in applications with a huge target audience, such as games, IQ tests and history apps.
Although Google has removed the harmful applications from Google Play, they were already downloaded on smartphones before the malware was discovered. One of the apps in which the malware was detected is Durak, a card game application that was very popular and was installed between 5 and 10 million times, according to Google.
Durak was one of the most infected and most pestilent of the noxious apps. After you install Durak, your Android smartphone seems to work just fine, until you reboot it and a few days pass by. Then, you start to observe something isn’t right and the app shows its true color, by presenting different ads that informs you your phone was infected and you need to take action. And once you take action, the app takes you to different suspicious fake pages, like stores or even being directed to security apps on Google Play, which of course will be of no need.
Afterwards, if it happens for you to trust the given source and you download and install such security apps, the malware starts to collect your data and sends premium SMS messages without your knowledge. The security apps won’t actually do any work and the pop-up warning will continue to appear every time you unlock your phone.
Avast also stated that some of the harmful apps wait up to 30 days until it infects your smartphone. And once it does, you won’t be able to realize which application from your phone is the source of the problem. This may also lead to unwanted investments, due to the particular ability of the malware, to re-direct to “advertise” solutions and recommended steps, as Avast says.
The instructions for the apps to display ads are contained in an Android package file named APK which holds the config file for “mobi.dash” advertising software developing kit. The file is named ‘ads_settings.json’ and is kept in the ‘res\raw’ folder. This file configures how long the app will wait until it will display the ads.
In order to have a safe and secure smartphone, install a trustable antivirus on your smartphone, full scan your device regularly and download only reputable apps from Google Play. And if you pass by such suspicious applications, make sure you don’t download the noxious packages.
Have you ever encountered infected apps? Let us know which ones and how you resolved the issue in the comment section bellow.