The Google Play Store is generally a safe place to download apps, but sometimes malware still falls through the cracks. Case in point: A new malware using precision tactics to distribute adware was able to hide in apps on the Google Play Store for two months before it was discovered and removed. During that time it infected around 10,000 Android devices.
The malware itself has been dubbed Skinner and it basically distributed unwanted ads to users in a way that avoided suspicion by introducing ads into apps that people were already using. It was, however, finally discovered by researchers at Check Point, and is said to be one of the more sophisticated attempts at bringing malware to the Google Play Store.
The goal behind Skinner was to be discreet, rather than infecting people as quickly as possible. That way, it could slowly infect more users and avoid raising alarms. The ads themselves were not ads that would normally be seen by users in apps, however. Thankfully, it seems that generating revenue through ads was the only goal for Skinner and it did not infect devices with more malicious malware.
Because of how sophisticated it was, the app was able to track location data and it waited until an app was opened to be sure that the device was being used. It also checked for debugging software and ensures that the app was installed from the Google Play Store rather than a third-party source — techniques it used to avoid detection.
The apps that included Skinner are no longer available on the Google Play Store, but many devices likely still have the malware installed and are still generating revenue for the developers behind the malware. If you notice that an app you have installed on your device has disappeared from the Google Play Store, you should probably get rid of it, and make sure that the apps that are installed are as up to date as possible.
- How to sideload an APK or install an Android app from outside the Play Store
- Does your Mac really need antivirus software? We asked the experts
- A beginner’s guide to Tor: How to navigate the underground internet
- Apple mistakenly verified a macOS malware
- What you need to know about Epic Games’ feud with Apple (and Google)