More than 50 applications που βρέθηκαν στο Google Play Store have infected around 55 million Android users with adware. This is something that seems to be happening for the umpteenth time.
According to Sophos security researchers, Android XavirAd has been detected in many applications on the Play Store. Adware displays embarrassing ads to infected users and collects personal information sent to a remote server. So far, it is believed that up to 55 million users are infected.
Some of the 50 apps on Google Play that contain adware have over one million downloads. Overall, the number of downloads increases to about 55 million downloads.
Due to the adware, users see a advertising full screen at regular intervals, even if the infected app is closed. These ads will direct you to install other apps.
The Google Play Store is full of complaints about these apps, as many users have noticed and reported scandalous behavior.
"However, XavirAd can do much more than display ads. After launching the application, the XavirAd library communicates with its server and receives the configuration code. The server responds with settings for displaying full-screen ads and saves them to common preferences. The domain api-restlet.com is said to have been registered for this purpose ", point out the Sophos researchers.
The adware then uploads another .dex file from cloud.api-restlet.com, which collects data from the user's phone, such as the email address for the Google account, the list of installed apps, the IMEI ID and AndroidID, screen resolution, manufacturer, brand and version of the operating system, SIM card information and from applications. Data is encrypted and sent to the C&C server.
List of infected apps