Published: Sat, March 16, 2019
Tech | By

Google remove over 200 apps infected by SimBad adware: Check Point

Google remove over 200 apps infected by SimBad adware: Check Point

The app purging was triggered after boffins at cybersecurity firm Check Point alerted the search giant to the presence of an adware campaign running riot in the Play Store.

However, some apps may need location even when the app is not in use.

"Most of the above apps, as well as the risky apps already mentioned, have been developed either by amateur programmers or by software manufacturers not focused on the security business", the AV-Comparatives staff noted.

A risky permission "could potentially affect user's privacy or the device's normal operation" and "the user must explicitly agree to grant those permissions".

According to AV-Comparatives 170 of the 250, Android antivirus apps failed the basic tests and turned out to be a sham. The update arrived yesterday and it boosts the overall performances of the Google Play Store by introducing a handful of software tweaks.

Use only trustworthy AV, not this garbage that after scan makes you uninstall nearly all of your apps because its nonsense detection rules. The perpetrator also has the ability to load one remote app that some specific server hosts, thereby letting him to load fresh malicious programs when required. They automated the device, directing it to download and install known malware apps from the browser. Google wants to support you as much as they can by (1) releasing developer-impacting features in the first Q Beta to give you as much time as possible to make any updates needed in your apps and (2) providing detailed information in follow-up posts like this one as well as in the developer guides and privacy checklist.

There can be risks in using whitelists. This whitelist/blacklist method is so bad that the antivirus app detected the user's default app as malicious if they didn't include the package name in its whitelist.

These apps even detected themselves as malicious.

AV Comparatives says a handful of apps it tested have now been flagged by other security software as Trojans or "potentially unwanted applications", a category reserved for apps that may have some legitimate functionality but also sport other, questionable features, such as bombarding users with ads.

Check Point also provided the list of infected apps to Google which were later taken down from Google Play.

The huge Android userbase has been subject to some high-profile security scares, with the Judy malware arguably the biggest in recent times. A few more were over 99 percent effective.

Like this: