3/24/2020
02:15 PM

Malware Found Hidden in Android Utility Apps, Children's Games

The 'Tekya' malware, as researchers call it, is designed to imitate the user's actions to click advertisements.



A new malware family has been discovered operating in 56 Google Play applications, which have collectively been downloaded nearly one million times around the world. Dubbed "Tekya," the malware aims to commit mobile ad fraud by imitating user actions to click advertisements.

Check Point researchers say 24 of these infected apps are designed for children; for example, puzzles or racing games. The rest are utility apps: calculators, translators, and cooking apps, for example. Tekya obfuscates native code to evade Google Play Protect detection, and it uses the MotionEvent mechanism built into Android to imitate the user's actions and generate clicks for ads from agencies like Google's AdMob, AppLovin', Facebook, and Unity, researchers report.

The Tekya campaign built its audience by cloning legitimate popular applications, especially children's apps, which were most popular for this particular malware. All of the infected apps have been removed from Google Play. If you think you may have one of these malicious apps on your device, researchers recommend uninstalling the affected app and updating the device's operating system and applications. 

Read more details here.

Check out The Edge, Dark Reading's new section for features, threat data, and in-depth perspectives. Today's featured story: "Three Ways Your BEC Defense Is Failing & How to Do Better."

Dark Reading's Quick Hits delivers a brief synopsis and summary of the significance of breaking news events. For more information from the original source of the news item, please follow the link provided in this article. View Full Bio
 

Recommended Reading:

Comment  | 
Email This  | 
Print  | 
RSS
More Insights
Copyright © 2020 UBM Electronics, A UBM company, All rights reserved. Privacy Policy | Terms of Service