Monday, 22 January, 2018

Pornographic malware found in Android apps for kids

Google took down 60 gaming applications after security firm Check Point said it had discovered new malicious software in the apps available to both children and adults at Google Play Store Android App & Game Awards – Tabby Awards Honors Best of 2017 For Android Phones & Tablets
Theresa Hayes | 13 January, 2018, 05:26

The malware, dubbed AdultSwine, displayed pornographic images that looked like ads but were actually created to prompt users to download fake security software and, getting users to click on links they then have to pay for.

The apps may have been taken off the Google Play store, but the malware will remain on an infected phone.

An individual or group of hackers created these malicious games under fake publisher names to distribute their malware and make money off the scheme, Check Point researcher Daniel Padon told CNN Tech.

In a statement to the Financial Times, a Google spokesperson said "We've removed the apps from Play, disabled the developers' accounts, and will continue to show strong warnings to anyone that has installed them".

Check Point said AdultSwine caused pornographic images to pop up during the children's games, including in a car-racing game named after the Disney cartoon character Lightning McQueen, which according to Google data had been downloaded at least 500,000 times.

A security system called Google Play Protect is supposed to defend customers using Google's Android operating system from malicious codes by scanning apps for malware. Users have left reviews on the Google Play Store for some of the apps, with one saying, "Don't install for your kids".

The malware also sought to trick users into installing fake security apps, and could open the door for other attacks such as theft of user credentials, Check Point said.

One father complained to Google that the software had exposed his four-year-old son to "a bunch of thilthy (sic) hardcore porn pictures". Numerous games were aimed at children.

Google Play bans software that promotes sexually explicit content, and the company has safeguards in place to prevent malware-laden apps from infiltrating the platform.

Check Point says the "malicious code's own ad library... contains ads of an offensive nature, including pornographic ads". Once entered, the malicious code then uses this number to register to premium services. Google also notes that it manually reviews ads and has strict category blocks to ensure children have a safe experience.