Malicious Cell Phone Apps
While Cambridge Analytica may have been exposed for the nefarious data sharing scheme that it was, there are countless more applications out there which use more than just your data to harm you; they can actually hijack your phone.
According to ConsumerAffairs, a nonprofit focused on consumer-related research and information programs, for every Cambridge Analytica that exists on Facebook, a dozen more harmful instances exist in the form of apps available to download for your mobile devices.
The Google Play store recently removed a number of apps from its download platform that caused a number of issues for users. In some cases, these apps were sending premium-rate text messages to certain numbers and driving the costs of users’ phone bills, while in other instances, they were downgrading the phones’ performance to a substantial degree.
And the more Google and third-party security firms look into this issue, the more prominent it becomes.
British cybersecurity firm Sophos recently revealed that no less than 22 apps on the Google Play store had been involved in a sophisticated “click fraud” campaign. The campaign did not only utilize users’ cell phone data traffic and computing power against their will, but did so in such a manner that they remained almost impossible to detect.
According to the research conducted by Sophos, these apps hid their traces by posing as Apple devices to the websites they targeted. This code was concealed in such a sophisticated way that even Google’s malware detection failed to notice it.
What is Click Fraud?
To understand the extent of the wrongdoing of these apps, it is important to understand what click fraud is and how it works.
In the online advertisement model, users pay Google and other platforms to show their text and banner ads on search engine listings as well as on third party websites. For every click that the ad gets and the resulting visit to the advertised website, the advertising party has to pay a certain amount.
While Google and other platforms directly charge the advertiser for these clicks, they often pay the third-party websites for each click that was driven from their website, and that is essentially how the compensation model works in this segment.
However, this model is by no means perfect, and its flaws are evident in many forms, two of which are mentioned below:
- Competitors initiate campaigns to repeatedly click on a competing advertisers’ ads. This does significant damage to the advertisers’ funds while detracting value from the entire ecosystem.
- The third-party websites that get paid for each click driven through their site engage an army of bots or “zombie users” that click on their ads, drive fake traffic to advertisers’ website, and as a result cause Google or the ad publishing platform to pay them hefty amounts.
This practice is termed as “click fraud”, and that is what the recently discovered apps by Sophos are involved in.
What Are These Malicious Apps Doing?
The 22 apps that were detected in the report include names that may seem like harmless games or fun apps at a glance, but they hold a very well-hidden darker side within them.
These apps conceal their visits to targeted websites by posing as Apple devices. Advertisers have to pay a premium for traffic from Apple devices as compared to the ones driven through Android. Apple-exclusive iOS users are considered to have deeper pockets than the ones which use Android, since the latter supports a large spectrum of phone from high-priced to lower end phones.
By posing as Apple devices in a way that even Google was unable to detect until now, these malicious apps drive a larger revenue for their originator while degrading the performance and security of the devices that they are installed in.
The malware and click fraud model that these apps use are “Clickr-ad”, which in itself is hard to detect through software check and virtually impossible to spot by unsuspecting users. These users don’t even know that their device is being utilized against their will and “clicking” on ads over websites they haven’t even heard of.
The full list of apps has been made available by both Sophos and ConsumerAffairs, and can also be seen below.
- Sparkle FlashLight
- Snake Attack
- Math Solver
- Tak A Trip
- Join Up
- Zombie Killer
- Space Rocket
- Neon Pong
- Just Flashlight
- Table Soccer
- Cliff Diver
- Box Stack
- Jelly Slice
- AK Blackjack
- Color Tiles
- Animal Match
- Roulette Mania
If you have previously downloaded any of these apps, then simply closing them or not using them won’t be the solution. You will need to perform a complete uninstall to save yourself from the horrors they bring.
How Can You Be Careful?
While Google is actively working against such apps, it’s not incorrect to state that click fraud apps are far too many to be curbed down in a single attempt or two.
While Google and third-party cybersecurity firms work to expose and resolve these issues, make sure that you only install apps from verified publishers on the Play Store.
This also holds true for Apple users. While this click fraud malware was not detected on the App Store by Sophos, the publishers of these apps are still very active on the App Store with other offerings.
To say that constant vigilance is highly advised would be an understatement.
Have you come across a malicious cell phone app that can hijack your phone? Let us know! We’re here if you need to vent! Shoot us an email to Outreach@