Security firm, Lookout was the one who discovered that the infected apps all had the lgexin ad SDK installed into them. This gives third parties unauthorised access to private information in users' devices. The apps themselves also managed to be downloaded over 100 million times from the Google Play Store as many of them fell into popular categories such as weather, health and fitness, travel and games.
However, it is quite possible that app developers may not be responsible for the malware infection added by hackers as this is not the first time cybercriminals have used an SDK to spread malicious codes.
Read Also:
- Beware: CopyCat Malware Infects 14M Android Devices
- Malware Written Into DNA For The First Time
- Google Acquires Senosis Apps That Turn Smartphones into Health Diagnostic Tools
- How To Delete Your Google History And Search Data
Lookout also gave details as to why the app developers were likely unaware of the malware present in their applications.
“It is likely many app developers were not aware of the personal information that could be exfiltrated from their customers' devices as a result of embedding Igexin's ad SDK. It required deep analysis of the apps' and ad SDK's behavior by our researchers to make this discovery. Not only is the functionality not immediately obvious, it could be altered at any time on the remote server.”In an attempt to prevent apps from being able to deliver malware to mobile devices, Google recently introduced Google Play Protect which will be built into the latest version of its mobile OS, Android O.
Lookout has informed Google of its discover and all of the affected apps have now been removed from the Play Store.
0 comments:
Drop your comments here!