It embeds itself into these two services disguised as a package named “logs”, possibly to avoid rousing suspicion by pretending to be a legitimate app component.įigure 1. GhostClicker also hides in Facebook Ad’s software development kit (SDK). Trend Micro detects these adware as GhostClicker (ANDROIDOS_GHOSTCLICKER.AXM) given its auto-click routine and the way it hides itself in Google Mobile Services (GMS), the set of Google’s most popular applications and application program interfaces (APIs). Our detections/sensors saw the prevalence of this adware in Southeast Asian countries as well as Brazil, Japan, Taiwan, Russia, Italy, and the U.S. While the majority of the said apps have been taken down, 101 were still downloadable as of August 7, 2017. These adware-embedded applications include recreational games, device performance utilities like cleaners and boosters, and file managers, QR and barcode scanners, multimedia recorders and players, device charger, and GPS/navigation-related apps. We’ve uncovered a pervasive auto-clicking adware from as much as 340 apps from Google Play, one of which, named “Aladdin’s Adventure’s World”, was downloaded 5 million times.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |