Category: Google|Apr 2, 2020 | Author: Admin

Tekya Malware Targets 1 Million Android Users Through Malicious Apps On Play Store

Share on

While Google employs some tough policies for app developers to keep the Play Store safe, yet it never remains so. Once again, criminal hackers managed to ditch Google’s policies and flood the Play Store with malicious Android apps.

This time, they target users with Tekya malware distributed via numerous apps with almost 1 million downloads.

Tekya Malware In Malicious Android Apps Researchers from Check Point Research has found further Android malware targeting users via Google Play Store. They found multiple Android apps that looked safe but actually contained Tekya malware. Elaborating on their findings in a post, researchers stated that they observed around 56 apps on Play Store exhibiting malicious behavior.

Of these, 24 specifically aimed at children as they impersonated various kids’ apps, such as games and puzzles. Whereas the remaining impersonated utility apps such as calculators, translators, cooking apps, etc. Upon downloading the app, the malware installs and executes on the target device. While the technical details of Tekya are available in the researchers’ post, in brief, it primarily serves ad fraud purposes.

With the goal of committing mobile ad fraud, the malware – dubbed ‘Tekya’ – imitates the user’s actions in order to click ads and banners from agencies like Google’s AdMob, AppLovin’, Facebook, and Unity.

To evade detection by Google Play Protect, the malware obfuscates the native code. It then leverages ‘MotionEvent’ feature on Android phones to imitate the victim’s actions for generating clicks. Together, these malicious Android apps had a total number of downloads of about 1 million. In other words, these apps potentially risked the security of around 1 million users. Apps Removed, But Threat Remains Check Point researchers have confirmed that Google has removed all the malicious apps detected in their study. The developers also removed a couple of those apps from the Play Store. So, at present, users are safe from Tekya malware. Nonetheless, this doesn’t mean that the threat is over. At any point, cybercriminals may flood Play Store with malicious apps to spread other malware, especially the unknown ones, just like Tekya that remained undetected by VirusTotal and Play Protect. As stated by the researchers,

There are nearly 3 million apps available from the store, with hundreds of new apps being uploaded daily – making it difficult to check that every single app is safe.  Thus, users cannot rely on Google Play’s security measures alone to ensure their devices are protected.

Let us know your thoughts in the comments.

Sponsored Ads:

Comments:


All versions of Windows are exposed

Category: Microsoft|Sep 25, 2021 | Author: Admin

Android's underappreciated upgrade advantage

Category: Google|Sep 24, 2021 | Author: Admin

No Electricity? A New Cooling System Uses Sunlight and Saltwater

Category: General|Sep 23, 2021 | Author: Admin

Slack begins rolling out video and audio message ‘clips’

Category: General|Sep 22, 2021 | Author: Admin

Roku's free OS 10.5 lets you dictate passwords, fixes pesky sound lags on headphones

Category: IT|Sep 21, 2021 | Author: Admin

Some good news and some strange news from Apple

Category: Apple|Sep 20, 2021 | Author: Admin

New Windows security updates break network printing

Category: Microsoft|Sep 19, 2021 | Author: Admin

Sent 700tb over 4 km of laser technology

Category: IT|Sep 18, 2021 | Author: Admin

'Massive' transatlantic data cable landed on beach in Bude

Category: Google|Sep 17, 2021 | Author: Admin

YouTube shuts down Discord music bot ‘Rythm’

Category: Google|Sep 16, 2021 | Author: Admin

Facebook's secret rules differentiate between the "elite" and most people

Category: General|Sep 15, 2021 | Author: Admin

Apple suddenly had to crisis-update the iPhone and Mac

Category: Apple|Sep 14, 2021 | Author: Admin

Epic is blocked forever on all Apple platforms

Category: Apple|Sep 13, 2021 | Author: Admin

NVIDIA To Launch GeForce RTX 30 SUPER ‘Ampere Refresh’ In January 2022, GeForce RTX 40 ‘Ada Lovelace’ GPUs in October 2022

Category: General|Sep 12, 2021 | Author: Admin

3 smart shortcuts for a curiously hidden Chrome OS command

Category: Google|Sep 11, 2021 | Author: Admin
more