Experts On Yet Another Warning For Android Users

Forbes reported today that another warning has been issued to Android users after researchers at ESET discovered a year-long campaign that saw 8 million installs of adware delivered through 42 apps.

Half of those apps had already been removed by Google at the time ESET reported them. All the apps have since been removed by Google; however, they are still available in third-party stores, Lukas Stefanko, ESET malware researcher, said.

David Kennefick, Product Architect
InfoSec Expert
October 25, 2019 11:04 am

It should go without saying that you should only download applications from the official app stores. Downloading and installing applications from third-party locations is not advisable, and even when installing from the official app stores you should be diligent about what permissions an application has. This is not the first adware/spyware issue Google Play store users have experienced. In early 2018 it was inundated with flashlight apps that siphoned off data from other applications stored on the device.

Application permissions should be routinely reviewed and updated based on your usage. Be pragmatic about what permissions you are sharing. A flashlight application should not need access to your contacts or the ability to send SMS.

Make sure applications are updated. Keeping your devices up to date using the latest safe versions is the most robust strategy for ensuring any adware/spyware which may have been accidentally introduced gets removed.

Eoin Keary, CEO and Cofounder
InfoSec Expert
October 25, 2019 11:00 am

One challenge that any playstore/appstore finds when validating apps for malware is that static analysis techniques and automation may not detect logical functions in code which give rise to data exfiltration.

The use of automation to detect malware is used for scalability reasons, but this method is signature-based, which is efficient in finding malicious code but less so in the discovery of logical functions or logic bombs. This is a real challenge, especially for large vendors faced with malware detection in code at scale.
