Trojan Porn Clicker, masquerading as
popular app called Dubsmash,
has yet again returned to Google Play Store after being pulled from the
offering almost a month ago. Detailed information on this recurring threat is
now available on WeLiveSecurity.com.
Surfacing for the first time more
than month ago, Dubsmash 2 has made its return appearance on Google Play
last week. Since then it has been successfully re-uploaded four times – always
containing the same malicious code.
Although the fake app that bears the
malicious code poses no actual harm to the average user, the problem arises
with pay-per-click campaigns, as the porn clicker trojan was created to perform
click fraud. Once
activated, the malware generates a lot of internet traffic, resulting in high
bills. Interestingly, ESET found that this app will almost exclusively attack Android
devices without a security solution installed.
“If no AV software is installed then
Dubsmash 2’s true functionality is activated. The trojan then proceed to
request porn links from its server. These links will be loaded every 60 seconds
into WebView inside an invisible window,” says Lukáš Štefanko, Malware
Researcher at ESET.
The whole story about porn
clicker trojan is now available on WeLiveSecurity.com.