Pornographic malware found in Android apps for kids

  • Pornographic malware found in Android apps for kids

Pornographic malware found in Android apps for kids

A security system called Google Play Protect is supposed to defend customers using Google's Android operating system from malicious codes by scanning apps for malware. The category was introduced to the Google Play store in June, featuring apps that raise the bar in how they treat the user experience and function.

Google removed the affected apps from the Google Play app store soon after Check Point reported the issue.

To scare users into installing unnecessary and harmful "security" apps, the malware displays a misleading ad claiming that a virus has infected the victim's device. Other ads that play also try to trick the user into giving up their phone number by telling them they've won a prize.

The malware, which Check Point dubbed "AdultSwine", attacked users in three ways, with the pornographic ads only being one.

"We've removed the apps from Play, disabled the developers' accounts, and will continue to show strong warnings to anyone that has installed them", a Google spokesperson told CNN Tech.

It does this by contacting the developers' Command and Control server once the app has been downloaded, sends data about the infected device and gets back instructions on what to do next. The malware, dubbed AdultSwine, displayed pornographic images that looked like ads but were actually created to prompt users to download fake security software and, getting users to click on links they then have to pay for. But the fake security app also contains malicious software, or malware. The most popular include Five Nights Survival Craft, Mcqueen Car Racing Game, Addon Pixelmon for MCPE, CoolCraft PE, and Exploration Pro WorldCraft. One user says, "Don't install for your kids".

The company is "struggling to keep certain malware outside the App store" because some nasty code can only be detected by dynamically analyzing the context of an app's actions, which is hard to do, a Check Point researcher explains.

"Due to the pervasive use of mobile apps, AdultSwine and other similar malicious apps are likely to be continually repeated and imitated by hackers", the researchers said in a blog post.