Slashdot Mirror

← Back to Stories (view on slashdot.org)

Malicious Apps Brought Ad-Clicking 'Judy' Malware To Millions Of Android Phones (fortune.com)

Posted by EditorDavid on from the malware-money dept.

An anonymous reader quotes Fortune: The security firm Checkpoint on Thursday uncovered dozens of Android applications that infected users' devices with malicious ad-click software. In at least one case, an app bearing the malware was available through the Google Play app store for more than a year. While the actual extent of the malicious code's spread is unknown, Checkpoint says it may have reached as many as 36.5 million users, making it potentially the most widely-spread malware yet found on Google Play... The nefarious nature of the programs went unnoticed in large part, according to Checkpoint, because its malware payload was downloaded from a non-Google server after the programs were installed. The code would then use the infected phone to click on Google ads, generating fraudulent revenue for the attacker.

55 comments

  1. Android malware is profitable for Google and mfrs. by Futurepower(R) · · Score: 4, Insightful

    Android malware causes Google and Android phone manufacturers and phone service providers to make more money. Most people don't have the time or technical ability to deal with issues, so they buy new phones.

    Google arranged that Android cannot reliably be updated to its latest version. That pro-malware destructiveness is profitable.

    Google needs better management. The company is rapidly getting a bad reputation, partly also because of tracking internet users. Why should Google know if I visit my bank account?

    My opinions.

  2. Re:Android malware is profitable for Google and mf by Anonymous Coward · · Score: 0

    The carriers take stock android and customise it to their requirements. It is then the carriers responsibility to get that sorted out update-wise. Google provides the updates/patches for *everyone*. It's up to the carriers and people like samsung who customise android to sort their shit out and send updates out.

    Incidentally BlackBerry do this with their latest Androdid device already, and have a very good track record of pushing security patches out. Other phone providers can do this too if they wanted. It's their choice and decision, not Googles.

    Google updates their own devices very quickly as well as BB.

  3. Re:Android malware is profitable for Google and mf by Anonymous Coward · · Score: 0

    Android is fucking horrible. I hate to say it, but I wouldn't mind seeing Windows Phone get more traction if it at least lets people patch horrible gaping security holes on devices older than 18 months.

  4. Re:Android malware is profitable for Google and mf by slazzy · · Score: 1

    I'm actually considering a BB for my next phone, might just be the best way to do Android.

    --
    Website Just Down For Me? Find out
  5. Re:Android malware is profitable for Google and mf by Jamu · · Score: 2

    Google provides the updates/patches for *everyone*

    Google updated my Nexus 7 for about 18 months. They stopped at the end of 2015.

    --
    Who ordered that?
  6. meanwhile iPhone users... by Anonymous Coward · · Score: 1

    ... don't have to worry about this kind of stuff, thanks to the Apple's walled garden App Store.

    1. Re:meanwhile iPhone users... by tsa · · Score: 2

      Every time I read about yet another Android malware I am reminded why I bought an iPhone. They're worth the price.

      --

      -- Cheers!

  7. Use iOS by Anonymous Coward · · Score: 1

    It's just better

  8. What's a malicious phone app? by Frosty+Piss · · Score: 3, Interesting

    Odd, I've never had these sorts of problems. My phone is an iPhone 5s...

    --
    If you want news from today, you have to come back tomorrow.
    1. Re:What's a malicious phone app? by stephanruby · · Score: 1

      http://fortune.com/2016/03/16/...

    2. Re:What's a malicious phone app? by JaredOfEuropa · · Score: 1
      From that article:

      Additionally, for the malware to spread to an iOS device, users must have mistakenly installed a corrupted program on their Windows-powered PC to help manage their iOS device. Instead of helping a user backup their iPhone, however, the program covertly installs “malicious apps on any iOS device that is connected to the PC,” the report said.

      Not exactly the same thing as being powned by a malicious app. Plus, Apple have taken measures to prevent this rather quickly. That's not to say that iPhones are 100% secure, but malware on iPhones is relatively rare, and malware causing widespread damage is even rarer.

      --
      If construction was anything like programming, an incorrectly fitted lock would bring down the entire building...
    3. Re: What's a malicious phone app? by Anonymous Coward · · Score: 0

      What apps am I missing pray tell? I think you're talking out of your ass to cover for the fact that Android is a sieve and should be avoided at all costs and is avoided by anyone with any technical know how. Only grandmas use Android and usually because their neck beard grandson told them "Akchully, Google is the best."

    4. Re:What's a malicious phone app? by mnemotronic · · Score: 2

      I've never had these sorts of problems. My phone is an iPhone 5s.

      Sorry; dumb question: How do you know you've never had this problem? Maybe you have and just have not been aware of it.

      --
      The Russians have won. They have made the world a cesspool of distrust, greed, fear and hate.
    5. Re:What's a malicious phone app? by Anonymous Coward · · Score: 0

      And how do you know there isn't a teapot in revolving around the sun?

    6. Re:What's a malicious phone app? by dwillden · · Score: 1

      And malware on Android is relatively rare, and malware causing widespread damage is even rarer. Anyone thinking their platform choice is protecting them is an idiot.

      --
      I'm too lazy to compose a creative sig.
    7. Re:What's a malicious phone app? by Anonymous Coward · · Score: 0

      The wishful thinking is strong on this one.

    8. Re: What's a malicious phone app? by Anonymous Coward · · Score: 0

      Hi. Programmer and developer of Android and iOS apps. I always buy Android, not because I'm cheap. My high end phones cost as much or more than the iPhones. I buy it because I can select from a number of different venders my favorite phone. I've yet to pick a stinker, but my wife's last 3 iPhones have all had serious problems. The apple store support is a shit show. I lost to afternoons because they forgot my appointments. iPhones blow hard but I'm still an apple fan. I love Mac OS.

  9. Re:Android malware is profitable for Google and mf by The+MAZZTer · · Score: 3, Interesting

    You do realize Google recently updated its Play Store developer EULA to ban apps that download and run binaries from non-Google Play Store locations, right? That will seal this hole. Sounds like Google is cracking down to me.

  10. Re:Android malware is profitable for Google and mf by stephanruby · · Score: 2

    The app faked ad impressions and ad clicks. This is a flaw with their advertisement system, not with device security.

    As a user, I only care that the apps I install do not take too much energy, do not take too many background CPU cycles, and do not take too much bandwidth. Aside from those three things, wich I can already monitor with Android, I couldn't care less if my apps fake ad clicks. If you ask me, the more fake data and the more fake ad clicks there are, the better it is for society as a whole.

  11. Re:Android malware is profitable for Google and mf by Anonymous Coward · · Score: 0

    Oh, when Google does it it's "sealing a hole"; when Apple does it it's "stealing muh freedums"...

  12. Bad marketing for Google by Futurepower(R) · · Score: 2

    "It is then the carriers responsibility to get that sorted out..."

    The problem for Google is that abuse by the carriers damages Google's reputation. Most people don't understand all the issues.

    Companies should have enough control over their products that they can prevent their products from being used as an instrument of abuse by other companies.

    1. Re:Bad marketing for Google by Ol+Olsoc · · Score: 1

      Companies should have enough control over their products that they can prevent their products from being used as an instrument of abuse by other companies.

      When your business model is based on cheap, you can't expect the company to have amenities like updates. Expecting the KankPoo Android phone you bought at a flea market to get updates simply isn't realistic.

      --
      The shepherds did so well protecting the flock that the sheep no longer believed that wolves existed.
    2. Re:Bad marketing for Google by TheFakeTimCook · · Score: 1

      "It is then the carriers responsibility to get that sorted out..."

      The problem for Google is that abuse by the carriers damages Google's reputation. Most people don't understand all the issues.

      Companies should have enough control over their products that they can prevent their products from being used as an instrument of abuse by other companies.

      Yup.

      Apple did it, why can't others?

      Perhaps because they don't give a shit about their customers?

  13. Re: Android malware is profitable for Google and m by Anonymous Coward · · Score: 0

    Lol if u think fake ad clicks and views don't cost you data

  14. TFA requires scripting by Anonymous Coward · · Score: 0

    How about including warnings for those of us who try to RTFA that, if we choose to reduce exposure to malicious website content by blocking scripts, TFA will not display. It can save a click and some annoyance for the reader. Just a thought.

  15. Re: Android malware is profitable for Google and m by Anonymous Coward · · Score: 0

    You can still side load... That's the huge difference...

    Banning dropbox and all apps that depend on it because it opens their own website vs closing a security hole while leaving an out (hosting apk any where else)?

    Yeah...

  16. Re:Android malware is profitable for Google and mf by Anonymous Coward · · Score: 0

    If an app can fake ad impressions or user clicks then it fucking is a security problem.

  17. Re:Android malware is profitable for Google and mf by Anonymous Coward · · Score: 0

    faking clicks means faking user interaction. this is one of the most serious security issues you can have. It also chews up data bandwidth and means your whole system is completely compromised.

  18. As usual... by Anonymous Coward · · Score: 0

    "We're not going to tell you which apps were infected, how to tell if you're infected, or how to remove it if you are."

  19. Re: I'M THE BOSS, APPLESAUCE! by Anonymous Coward · · Score: 0

    Who needs lube when you get that "gel" that manifests itself like an hour after you get an enema?
     
    Joke's on you, captcha generator, LOL: antigen

  20. Damn. by mnemotronic · · Score: 1

    Is Blowjob Judy : Gag Queen listed? Please NOOOOOOO....

    --
    The Russians have won. They have made the world a cesspool of distrust, greed, fear and hate.
  21. Re:Android malware is profitable for Google and mf by Anonymous Coward · · Score: 0

    Wow!! They change the EULA ...... yeah .... that will take care of the problem.

    Are you honestly this level of stupid?

  22. Re:Android malware is profitable for Google and mf by Anonymous Coward · · Score: 0

    No, but you are.

    You think they won't seal up this hole with technical means? They have to change the EULA to make sure nobody bitches about being booted off for "no reason" -- just like your misplaced rage.

  23. Re:Android malware is profitable for Google and mf by Anonymous Coward · · Score: 0

    Except this isn't a bug.

    Sending fake clicks to some random website by "up to 32 million users" (how they came up with that number when it was "unknown" how far it spread? LOL)... this isn't a bug or a something that you can fix without a case-by-case review.

    They didn't evade detection because of non-google downloads, they evaded it because nobody noticed. These fake ad-clicks don't actually effect the user in any up-front way -- it just simply hits a webpage. You know, what every single app out there does these days?

  24. Re:Android malware is profitable for Google and mf by Anonymous Coward · · Score: 0

    Android malware causes Google and Android phone manufacturers and phone service providers to make more money. Most people don't have the time or technical ability to deal with issues, so they buy new phones.

    Android is open source. How does google make money when Samsung ships a phone with software google gave them for free?

  25. Re:Android malware is profitable for Google and mf by Anonymous Coward · · Score: 0

    You do realize Google recently updated its Play Store developer EULA to ban apps

    Recently? As one hour ago? Because either it was that recently or it have been proven useless.

  26. Re:Android malware is profitable for Google and mf by Anonymous Coward · · Score: 0

    Through a third party software installed in your device. Just because this time the software just faked ad clics doesn't mean that's the only thing it could be installed in your device this way.

    A thieve entered in my house because my front door is broken but he only ate an apple so I guess I'm fine. I don't have to fix my front door or anything because I don't like apples!

  27. Re:Android malware is profitable for Google and mf by Anonymous Coward · · Score: 0

    So... the problem is fixed but only in theory. If that's a relief for you... congratulations.

  28. Re:Android malware is profitable for Google and mf by Anonymous Coward · · Score: 0

    Because Google doesn't earn money with Android licenses doesn't mean they don't earn money though Android, like, for example, through Google Play. More people using Android = more money for Google. Even with old, outdated and unsafe versions of Android.

  29. Re:Android malware is profitable for Google and mf by ArmoredDragon · · Score: 1

    Google arranged that Android cannot reliably be updated to its latest version. That pro-malware destructiveness is profitable.

    It seems to me that Google was using the (at the time) existing paradigm that OEMs are entirely responsible for providing updates, and carriers were entirely responsible for deploying it. Industry politics basically made this mandatory at the time, and they still do to a huge extent. Apple gets around this because they are vertically integrated. Microsoft promised to not have this problem, but because they aren't vertically integrated, they ultimately ran into the same problem (only for them it's even worse: Practically no app compatibility across major OS versions.)

    There's pretty much nothing you can do about this without being fully vertically integrated. Google has been making efforts over the years to make it easier and/or encourage OEMs to upgrade more often, especially in the upcoming Android O release, but ultimately it will likely just be the Nexus/Pixel devices that do so.

  30. Re:Android malware is profitable for Google and mf by thegarbz · · Score: 1

    Google needs better management.

    What the fuck are you talking about? Every release of Android in the past 3 years has made steps towards fixing precisely what you're complaining about, and the final step will come with Android O which completely decouples the update process from the shitty other companies who you *should* be blaming for their shipping Android devices but not forwarding security updates.

  31. Every time by GrumpyNope · · Score: 1

    I swear there is always a Minecraft guide app in these lists

  32. Re:Android malware is profitable for Google and mf by Ol+Olsoc · · Score: 1

    The carriers take stock android and customise it to their requirements. It is then the carriers responsibility to get that sorted out update-wise.

    Cheap. Remember cheap. With android's biggest draw being cheap, once that phone is out of most companies hands and into yours, they are done with you. Since cheap rules for Many-most android users, there isn't anyone on the company staff to do the required testing and rollout.

    So like so many of my friends who laugh about my "Overpriced Apple shit", and their economical Android Phones, they get a new one every year because the old one is all screwed up. Meanwhile I'm on only my second iPhone.

    --
    The shepherds did so well protecting the flock that the sheep no longer believed that wolves existed.
  33. Bad SO by Anonymous Coward · · Score: 0

    This is obviously Microsoft's fault

  34. Re:Android malware is profitable for Google and mf by TheFakeTimCook · · Score: 1

    The carriers take stock android and customise it to their requirements. It is then the carriers responsibility to get that sorted out update-wise.

    Cheap. Remember cheap. With android's biggest draw being cheap, once that phone is out of most companies hands and into yours, they are done with you. Since cheap rules for Many-most android users, there isn't anyone on the company staff to do the required testing and rollout.

    So like so many of my friends who laugh about my "Overpriced Apple shit", and their economical Android Phones, they get a new one every year because the old one is all screwed up. Meanwhile I'm on only my second iPhone.

    Same here.

    First iPhone was a 4s. Still works, but is "retired." Just stopped getting updates last September, at iOS 9.3.5.

    Current phone is a 6 Plus. Will be 3 years old in a few months. Works fine. Gets current OS updates.

  35. Re: Android malware is profitable for Google and m by TheFakeTimCook · · Score: 1

    You can still side load... That's the huge difference...

    Banning dropbox and all apps that depend on it because it opens their own website vs closing a security hole while leaving an out (hosting apk any where else)?

    Yeah...

    This again?!?

    You've been able to Sideload, "legally", on iOS devices since iOS 8.

    You don't even need a Mac to do it.

  36. Apple had its own methods. by Futurepower(R) · · Score: 1

    A long time ago, a friend I respected told me, "Love the Mac, hate Apple." Apple had its own methods of abuse.

    1. Re:Apple had its own methods. by TheFakeTimCook · · Score: 1

      A long time ago, a friend I respected told me, "Love the Mac, hate Apple." Apple had its own methods of abuse.

      Name Three.

  37. "...past 3 years has made steps towards fixing..." by Futurepower(R) · · Score: 1

    "...past 3 years has made steps towards fixing..."

    That doesn't fix the bad publicity.

    If I were the CEO of Google, I would offer free, or almost free, Android updates to all cell service providers, very publicly. Any providers who didn't accept updates would then take that responsibility on themselves, publicly.

  38. Re:"...past 3 years has made steps towards fixing. by thegarbz · · Score: 1

    If I were the CEO of Google, I would offer free, or almost free, Android updates to all cell service providers

    I'm sticking with WTF. They already DO offer them free. It is well known *publicly* that the problem isn't on Google's end.

  39. It is not "well known publicly". by Futurepower(R) · · Score: 1

    You didn't understand the point. Google could make a very public announcement that would have the effect of helping people understand that cell service providers are being abusive. Google could, for example, make public the restrictions and modifications of each provider. At present it is very difficult to get that information.