Android
users exposed to higher risk of getting infected with more than 50 Trojan
clicker apps evading Google malware filtering.
Recently,
ESET has informed about the Porn
Clicker Trojan masquerading as popular app called Dubsmash,
which has been uploaded on and pulled from Google Play multiple times. ESET has
continued with its analysis of this malware, discovering other 51 different
applications on Google Play, each with more than 100,000 installs carrying the Trojan clicker.
It is
no longer only Dubsmash that is used to infect its victims, but plenty of other
popular app as well, such as Clash of Clans 2, Subway Surfers 2 and 3,
Minecraft 3, game cheats for Grand Theft Auto or various Video Downloaders and
Download Managers. “A telling characteristic they all share is mainly the fact
that they have been uploaded by the same developer, using the same Android/Clicker, with a capability to avoid Google malware
filtering each time,” says Lukáš Štefanko, Malware Researcher at ESET.
In 3 months, the fake Dubsmash has returned to
Google Play at least twenty-four times. “Following ESET’s notification, Google
has pulled all the reported malware-ridden apps from its store and now also
reports some of them as potentially harmful applications using its built-in
security service,” concludes Štefanko.