Home > Mobile > Porn Clicker malware keeps resurfacing in the…

Porn Clicker malware keeps resurfacing in the Google Play Store

There’s a team of malware writers playing a game of “cat and mouse” with the Google Play Store by uploading and re-uploading their malware-loaded app every time it’s removed by Google.

Earlier this week Avast reported on an app imitating the Dubsmasher game that contained a porn clicker, which would re-direct the users who mistakenly downloaded it to adult sites when they opened their browser.

There would be little to indicate that the fake Dubsmasher app they downloaded was to blame.

Back in April the fake Dubsmasher app was used as a means to distribute malware as well, which infected over 100,000 users. The re-emergence of these porn clicker apps suggests that the malware’s writers are determined to get it out to users.

Related: Should you worry about malware on your phone? We asked the experts

Eset meanwhile has discovered several more porn clicker apps recently uploaded to the Play Store, which may have infected up to 50,000 users.

“Our findings combined with that from Eset, prove that these malware authors are extremely persistent and determined to make Google Play a permanent residency for their malware,” said Avast’s Nikolaos Chrysaidos.

The malware, now named Clicker-AR, has separately been discovered in three new apps in the store called Doganin Güzellikleri, Doganin Güzellikleri 2, Doganin Güzellikleri 3. The names roughly translate to “Nature’s Beauties.”

avast

Avast

Avast says it has reported the offending apps to Google.

“Google has a lot on its plate. It has to maintain the most popular mobile operating system in the world, along with an app store with around 1.5 million apps,” said Chrysaidos, warning users to be extra vigilant when downloading apps and to use a mobile anti-virus.

The Google Play Store has been criticized in the past for letting bogus apps slip through its vetting process and into the store for users to download.