Thread Rating:
  • 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
Share Post: Reddit Facebook
343 Android Apps Infected with Clickjacking Malware Found on Google Play Store
Porn Clicker Trojan strikes again, this time worse than ever

Yet again ESET researchers have found clickjacking malware in Android applications that managed to squeeze by Google's highly lauded app screening process and made their way on the official Play Store.

This particular issue is nothing new, neither to ESET or Google. Something similarly has happened three different times last year, first in April, then May, and then again in July.

Porn Clicker Trojan at the core of the issue

At the core of the issue is a malware family which the developers have named Porn Clicker Trojan. The reason behind this name is because of its behavior.
The trojan works by opening an invisible browser window and clicking on ads on pornographic websites. It does this every minute or so.

Because it does not steal any user data, log user behavior, or sends credentials to remote servers, many security firms have deemed this malware to be inoffensive since it's focused mainly on monetary gains for its operator without causing damage to the user.

Of course, there can be some cases where a user that leaves his mobile carrier Internet connection on, could see a higher bill the following month as the trojan loads and reloads smut websites in the background.

Ten new Porn Clicker-infected apps added to Play Store each week

The Porn Clicker Trojan is usually distributed as apps cloned after popular apps or free versions of commercial Android games. These apps are distributed via third-party app stores, but also via Google's Play Store.

During its most recent wave of infections, ESET's Lukas Stefanko says that the trojan's mode of operation has changed only slightly.

The trojan's new feature is a scanning function that searches the user's device for security and antivirus products. If it finds such tools, the trojan will not execute. This may also explain how the trojan passed Google's app review process.

"On average, ten new porn clickers a week bypassed Google’s security checks during this campaign," the ESET team notes. "To get a sense of the scale, porn clickers on Google Play have on average, been downloaded 3600 times each."

ESET has published the list of apps it recently detected as infected with the Porn Clicker Trojan.


Possibly Related Threads…
Thread Author Replies Views Last Post
  Android malware apps with 2 million installs spotted on Google Play tarekma7 0 32 Yesterday, 04:09 PM
Last Post: tarekma7
  Android malware infected 300,000 devices to steal Facebook accounts tarekma7 0 25 Yesterday, 04:04 PM
Last Post: tarekma7
  Fake Google Translate app installs malware dhruv2193 1 254 09-05-2022 , 12:47 PM
Last Post: Mike
  New Android malware on Google Play installed 3 million times mrtrout 0 347 07-14-2022 , 02:55 AM
Last Post: mrtrout
  SharkBot malware hides as Android antivirus in Google Play tarekma7 0 593 03-05-2022 , 05:47 PM
Last Post: tarekma7

Forum Jump:

Users browsing this thread: 1 Guest(s)