McAffe announced yesterday 16 malicious Android apps that have a total of over 20 million downloads. They have already been removed from the Google Play Store after it was found that through Clicker they commit scam with ads
According to McAffe, in utilities for cell phones Android, such as camera, currency/unit converters, QR code readers, note-taking apps, dictionaries and other theoretically harmless apps, there is Clicker malware in disguise.
The list of offending apps is as follows:
- High-Speed Camera (com.hantor.CozyCamera) – 10.000.000+ downloads
- Smart Task Manager (com.james.SmartTaskManager) – 5.000.000+ downloads
- Flashlight+ (kr.caramel.flash_plus) – 1.000.000+ downloads
- 달력메모장 (com.smh.memocalendar) – 1.000.000+ downloads
- K-Dictionary (com.joysoft.wordBook) – 1.000.000+ downloads
- BusanBus (com.kmshack.BusanBus) – 1.000.000+ downloads
- Flashlight+ (com.candlecom.candleprotest) – 500.000+ downloads
- Quick Note (com.movinapp.quicknote) – 500.000+ downloads
- Currency Converter (com.smartwho.SmartCurrencyConverter) – 500.000+ downloads
- Joycode (com.joysoft.barcode) – 100.000+ downloads
- EzDica (com.joysoft.ezdica) – 100.000+ downloads
- Instagram Profile Downloader (com.schedulezero.instapp) – 100.000+ downloads
- Ez Notes (com.meek.tingboard) – 100.000+ downloads
- 손전등 (com.candlencom.flashlite) – 1.000+ downloads
- 공이기 (com.doubleline.calcul) – 100+ downloads
- Flashlight+ (com.dev.imagevault) – 100+ downloads
We don't imagine that you have downloaded the Japanese apps, but all the others there is a good chance that you are using them, as they have a lot of downloads in total.
Clicker malware, once installed and launched, secretly visits fake websites and simulates clicking on ads without victims knowing.
"This can cause a lot of network traffic and consume energy without the user's awareness, and at the same time creates a profit for the one managing the threat actor," said McAfee researcher SangRyol Ryu.
To further conceal her true motive, the application it is not activated immediately after its installation. She waits for some time so that they do not suspect her.
"The 'Clicker' malware targets illegal advertising revenue and may disrupt the mobile advertising ecosystem," Ryu said.