Η McAffe ανακοίνωσε εχθές 16 κακόβουλες Android εφαρμογές που συνολικά έχουν πάνω από 20 εκατομμύρια λήψεις. Έχουν ήδη αφαιρεθεί από το Google Play Store, αφού διαπιστώθηκε ότι μέσω του Clicker διαπράττουν απάτη με διαφημίσεις
According to McAffe, in Android mobile utilities such as camera, currency/unit converters, QR code readers, note-taking apps, dictionaries and other theoretically harmless apps, there is Clicker malware in disguise.
The list of offending apps is as follows:
- High-Speed Camera (com.hantor.CozyCamera) – 10.000.000+ downloads
- Smart Task Manager (com.james.SmartTaskManager) – 5.000.000+ downloads
- Flashlight+ (kr.caramel.flash_plus) – 1.000.000+ downloads
- 달력메모장 (com.smh.memocalendar) – 1.000.000+ downloads
- K-Dictionary (com.joysoft.wordBook) – 1.000.000+ downloads
- BusanBus (com.kmshack.BusanBus) – 1.000.000+ downloads
- Flashlight+ (com.candlecom.candleprotest) – 500.000+ downloads
- Quick Note (com.movinapp.quicknote) – 500.000+ downloads
- Currency Converter (com.smartwho.SmartCurrencyConverter) – 500.000+ downloads
- Joycode (com.joysoft.barcode) – 100.000+ downloads
- EzDica (com.joysoft.ezdica) – 100.000+ downloads
- Instagram Profile Downloader (com.schedulezero.instapp) – 100.000+ downloads
- Ez Notes (com.meek.tingboard) – 100.000+ downloads
- 손전등 (com.candlencom.flashlite) – 1.000+ downloads
- 공이기 (com.doubleline.calcul) – 100+ downloads
- Flashlight+ (com.dev.imagevault) – 100+ downloads
We don't imagine that you have downloaded the Japanese apps, but all the others there is a good chance that you are using them, as they have a lot of downloads in total.
Clicker malware, once installed and launched, secretly visits fake websites and simulates clicking on ads without victims knowing.
"This can cause a lot of network traffic and consume energy without the user's awareness, and at the same time creates a profit for the one managing the threat actor," said McAfee researcher SangRyol Ryu.
To further hide its true motive, the app does not activate immediately after installation. She waits for some time so that they do not suspect her.
"The 'Clicker' malware targets illegal advertising revenue and may disrupt the mobile advertising ecosystem," Ryu said.