Android is used by 328 million users worldwide, the operating system has dominated the smartphone market. Android, by 3rd quarter of 2016 covered 88% of the smartphone market.
Being so popular, the developers showed huge interest in building applications for the platform, in a result of which, the android play store (google play store) now hold 2.8 million of Android application, being the biggest application store, in second stands the Apple App Store consisting of 2.2 million applications for IOS users.
The number of Android applications increased much faster in the last 4 years, which is around 1.8 million apps came after the year 2013.
Judy Malware: Auto-Clicking Adware
Android play store consists of 2.8 million apps and are being regularly scanned for malware in them, recently The researchers at Check Point found 41 Android apps infected with Judy Malware which is an auto-clicking adware.
“THE MALICIOUS APPS REACHED AN ASTONISHING SPREAD BETWEEN 4.5 MILLION AND 18.5 MILLION DOWNLOADS.” SAYS CHECK POINT’S MOBILE RESEARCH TEAM.
The apps were developed by a Korean Company and were available on the play store from a very long time, It is not yet clear that whether the malware already existed or was given as an update, however, it is clear that the malware was residing in play store for a pretty long time.
They also found some more apps infected by the same malware developed by other developers.
” These apps also had a lot of downloads between 4 and 18 million, meaning the total spread of the malware may have reached between 8.5 and 36.5 million users. Similar to previous malware which infiltrated Google Play, such as FalseGuide and Skinner, Judy relies on the communication with its Command and Control server (C&C) for its operation.” said the CPMRT
The Check Point Mobile Research Team has already reported to Google about the application in the result of which Google removed the applications from the play store.
Google’s new service is using machine learning to check the behavior of an application, if any activity is found suspicious then it will remove the application from the phone, by which smartphones are more likely to become safer than now.
ZTorg Trozan: Gives you 5 cents to infect yourself
People have become crazy thinking about how to earn money from the internet, people do several things, some become bloggers, vloggers, photographers and some end up installing applications.
Yes, installing an application, ever seen an ad campaign saying earn from home using your Android device, just install applications and earn money.
A security blogger at Kaspersky named John Snow explains how this mechanism works, He explains in his blog post saying that in google play there are much application which acts as an app exchanger, after downloading such apps you see a list of apps in them, which if you download you will get paid. All you need to do is download and open the listed application for a couple of mins and get paid.
You can find such applications just by having a look at reviews of the apps.
“Such app exchanges may urge you to download malware, in particular, the infamous Ztorg Trojan.”
What is Ztorg?
Ztorg Trojan once installed on your phone, it collects information of your phone and sends it to its command-and-control (C&C) server. The server responds with the files which are used to enable the malware to gain root access to the device. After which the malware developer can do whatever he wants. Ztorg does every activity anonymously so that the victim is not able to notice it.
Ztorg also spreads when you click on ads. When you click on an ad banner and download the app and install it, you will get infected.
What should you do?
You should make sure that you always download the application from trusted developers, not from any third party ones.
Having a good antivirus program in your smartphone is a plus to your security.