Nasty mobile ad fraud operation caught infecting apps in Google Play

February 23, 2019

By Mark Jones

There have been a ton of malicious apps found in official app stores recently. Even though they’re supposed to have stronger systems in place to prevent malicious apps from showing up, it hasn’t been working.Google Play Store has been particularly bad of late. It was only a couple weeks ago that Clipper malware was found hiding there.Now, things are drastically worse. A bunch of apps were just discovered carrying out a mobile ad fraud scheme, and your gadget might be infected.

Is your Android plowing through data?

Researchers at Oracle announced last week it discovered a piece of bad advertising software hiding in some Android apps. Hundreds of apps were infected with malicious code being called “DrainerBot” that’s thought to have come from a Software Development Kit (SDK). Infected apps have been installed over 10 million times.Here’s how the scam works. The malicious code delivers fraudulent, invisible video ads to infected devices and reports back to the ad network that the ads have appeared on a legitimate publisher site. However, those sites have been spoofed and are not real.This could end up costing you big time. Since the video ads are constantly running behind the scenes, you don’t see them and never know it’s happening. Which could lead to a couple huge problems.First, it could cause your battery to drain extraordinarily fast. The phone might feel hot, even when it’s not being used and you may have to charge it way more than normal before it dies altogether.Secondly, and this is huge, the ads can eat through data like you wouldn’t believe. It could lead to using more than 10 GBs of extra data per month, which could cost you hundreds of dollars per year depending on your data plan.And consumers aren’t the only ones being hurt by this operation. Advertisers are paying good money for ads that no one actually sees.

How to know if your device is infected by DrainerBot

Earlier, we said hundreds of apps have been infected with DrainerBot, but only the following five have been revealed:

  1. Perfect365
  2. VertexClub
  3. Draw Clash of Clans
  4. Touch ‘n’ Beat – Cinema
  5. Solitaire: 4 Seasons

If you have installed any of the apps on the list, delete them immediately. But you may have installed an infected app that isn’t on the list.Here are some signs to look for:

If you’ve noticed anything unusual like this with your Android, it may be infected. To pinpoint which app/apps are causing the problem, find out which ones have high data usage.Here’s how to check on the latest Android operating system: Go to Settings >> Network and Internet >> Data Usage >> App Data Usage.Uninstall any app that is using a suspiciously high amount of data. That should take care of the problem.Google said earlier this week that it’s screened all the apps currently in the Play Store and that none of them are infected. Hopefully they can keep it that way.

https://www.komando.com/tips/software-and-apps/nasty-mobile-ad-fraud-operation-caught-infecting-apps-in-google-play/