- Applications would hide on a device from their installation, to avoid withdrawal
- They would serve unwanted and out -of -context advertisements for the victims
- Applications have been deleted from the Play Store
A large advertising fraud campaign including hundreds of Android applications has been discovered and dismantled, Human Security Researchers said.
The iconades campaign worked by displaying ads without appropriate context, or the consent of users – and to worsen things, once the applications have been installed on an Android device, they would mask their icons to users, which makes it more difficult to find and uninstall.
In total, the campaign had 352 Android applications, and during advanced activity, it had 1.2 billion requests for tenders per day, the researchers said.
Pass through
We do not know how many devices the applications have been installed, but we know that they have managed to sneak in front of the Google defenses and in the Google Play Store, and the majority of traffic came from Brazil, Mexico and the United States.
This has now been corrected and these applications have been deleted. However, it is prudent to assume that new ones will soon emerge: “Many applications associated with iconades have a short lifespan before being withdrawn from the Play Store,” said human researchers.
“With the several developments in this threat, researchers expect continuous adaptation, with new published applications and new obscure techniques added.”
The campaign has been active since at least 2019, when the first applications were downloaded in the application repository.
Google’s mobile app is generally considered safe. However, his defenses are not impenetrable, and from time to time, malicious applications pass, at least for a short time.
For this reason, users should never trust the applications blindly, even from such a renowned source. Instead, they should always take care of the number of downloads and user critics. The newly published applications with fewer downloads are likely to be malicious, and many criticisms of usinte cybercriminals, so it is important to read them carefully. Nowadays, most of them are generated by AI and superficial and bland sound, and user accounts have generic names, often similar to each other.
Via The Hacker News
