
Beware of Play Store Malware Apps That Drain Your Battery and Steal Your Personal Information: Millions of Users Affected by These Apps

Malware Infected Play Store Apps


Researchers discovered malicious Android apps uploaded to the Google Play Store with sophisticated click-fraud functionality, affecting around two million Android users.

Some of the malicious apps went unnoticed for a month or even a year. Some of the apps were uploaded in June 2018, and one of the harmful flashlight apps alone was downloaded by around one million users. The attackers built these ad-clicker malware apps to be more persistent and more flexible than previous versions.

Many of the apps contain downloader functionality and use a command-and-control (C&C) server to retrieve files. The attackers send instructions directly via the C&C server to the malware apps, whose activity looks like a normal ad shown by a legitimate app. They also use particular click-fraud tools to report to the ad network as particular models of both Android and iOS phones, and full-screen ads disrupt users, demanding their attention and pushing them to click.

An affected user may notice the malicious activity when the app uses a high amount of data and consumes the phone's battery power. All of these malicious apps generate fraudulent requests that cost ad networks significant revenue through the fake clicks.

How the Infected Applications Work

Once launched, the app starts communicating with its C&C server by sending an HTTP GET request, and the server returns "SDK" commands along with a URL from which to download an "SDK" module. The C2 module keeps checking the time interval in the "exp" field and reconnects every 10 minutes to get its SDK again. Another module, called "mob", performs the ad-clicking on instruction from the C2 server; the server replies with another JSON structure that contains the parameters it will use to download the advertisement.

Researchers also found that the same developers placed their malicious apps through the iTunes Store. To decrease the chance of being caught by the ad network, the attackers forge the User-Agent and device fields so that the generated network traffic looks like actual traffic originating from real devices. The click fraud remains persistent even when the user force-closes the app. Out of 22 apps, 19 were created after June 2018. Most of them have contained this "SDK" downloading function since the first version, researchers said.
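One way to spot the 10-minute check-in described above in web-proxy logs, as an added example that is not from the original post or the researchers. The log format, host names, device names and thresholds are assumptions, and the sample lines are constructed.

```python
from collections import defaultdict
from datetime import datetime
from statistics import median

# Constructed proxy-log sample: timestamp, device, method, host, path.
# Hosts use the reserved .example TLD; no value here comes from the report.
SAMPLE_LOG = """\
2024-01-01T10:00:02 phone-a GET c2.placeholder.example /sdk
2024-01-01T10:10:05 phone-a GET c2.placeholder.example /sdk
2024-01-01T10:20:01 phone-a GET c2.placeholder.example /sdk
2024-01-01T10:30:04 phone-a GET c2.placeholder.example /sdk
2024-01-01T10:40:03 phone-a GET c2.placeholder.example /sdk
2024-01-01T10:03:40 phone-a GET news.placeholder.example /feed
2024-01-01T10:04:10 phone-a GET news.placeholder.example /feed
2024-01-01T10:31:00 phone-a GET news.placeholder.example /feed
2024-01-01T10:58:20 phone-a GET news.placeholder.example /feed
2024-01-01T10:00:09 phone-b GET c2.placeholder.example /sdk
2024-01-01T10:47:30 phone-b GET c2.placeholder.example /sdk
"""

def parse(log_text):
    """Yield (timestamp, device, method, host) from whitespace-separated lines."""
    for line in log_text.splitlines():
        parts = line.split()
        if len(parts) != 5:
            continue  # skip malformed lines
        ts, device, method, host, _path = parts
        yield datetime.fromisoformat(ts), device, method, host

def find_beacons(log_text, period=600, tolerance=30, min_requests=4):
    """Return sorted (device, host) pairs whose GET requests repeat about
    every `period` seconds, matching the 10-minute check-in in the text."""
    seen = defaultdict(list)
    for ts, device, method, host in parse(log_text):
        if method == "GET":
            seen[(device, host)].append(ts)
    flagged = []
    for key, stamps in seen.items():
        if len(stamps) < min_requests:
            continue  # too few requests to call it a pattern
        stamps.sort()
        gaps = [(b - a).total_seconds() for a, b in zip(stamps, stamps[1:])]
        regular = [g for g in gaps if abs(g - period) <= tolerance]
        # Median plus a 75% share tolerates one missed check-in (phone asleep).
        if abs(median(gaps) - period) <= tolerance and len(regular) >= 0.75 * len(gaps):
            flagged.append(key)
    return sorted(flagged)
```

Calling `find_beacons(SAMPLE_LOG)` flags only the `phone-a` traffic to the constructed check-in host; ordinary browsing with irregular gaps and devices with too few requests are left alone.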

The following are the infected applications:

  • Sparkle FlashLight
  • Snake Attack
  • Math Solver
  • ShapeSorter
  • Tak A Trip
  • Magnifeye
  • Join Up
  • Zombie Killer
  • Space Rocket
  • Neon Pong
  • Just Flashlight
  • Table Soccer
  • Cliff Diver
  • Box Stack
  • Jelly Slice
  • AK Blackjack
  • Color Tiles
  • Animal Match
  • Roulette Mania
  • HexaFall
  • HexaBlocks
  • PairZap
