Scammers are abusing mobile ad networks in an attempt to phish Android app users
At least 400 apps in Google’s Play Store are feeding malicious ads into apps through abuse of an SDK.
At least 400 apps in Google’s Play Store are feeding malicious ads into apps through abuse of an SDK.
Ransomware on mobile phones may not be the most profitable avenue for criminals, but that hasn’t stopped some from trying to make a buck.
Most went live in September, and all share a similar code library meant to help avoid detection.
In this op-ed, Wandera’s Michael Covington says what sounds good theoretically can be near impractical to implement.
The Android malware pushed fake prizes to generate click fraud. The program’s developers borrowed open-source code from the real Telegram app.
Researchers declined to identify the company by name, citing an ongoing law enforcement investigation.
It’s only the latest revelation about how scammers are using apps as a way to leverage victims’ phones, and generate ad revenue.
“Scary Granny ZOMBY” displayed a phishing page that appeared to be from Google. The Play Store pulled the game down in response to Wandera’s research.
An Android app might be more likely to ask for access to technical functions. An iOS app might seek to use sensitive features, like the microphone. In any case, Wandera says, know what you’re getting into.
The weakness is a check-in link that is emailed to customers, and it exposes information such as passport numbers, flight numbers, researchers at Wandera said. The affected airlines include Southwest, Air France and KLM.