Check Point finds AdultSwine malware in Google Play apps

Federico Mansilla
Enero 13, 2018

Some of the apps include those that have been downloaded over 1 million times, like Five Nights Survival Craft and McQueen Car Racing Game, which is based on the Disney Pixarcharacter from the film Cars. It can throw up a fake virus warning screen and get the user to download cleaning software that would more effectively pwn the phone, trick people into sending premium SMS messages with the offer to win a prize or just throw up websites aimed at the amateur gynecologist. This new feature might be packed in the latest Google Play Services.

Upon installation, AdultSwine waits to initiate its attack until a boot occurs or when the user unlocks their phone. The app features a simple to use UI (user interface) that allows Android fans to save time by finding the exact emails they need.

The popular video calling app Google Duo comes up with new features. "I did and my son opened it and a bunch off thilthy [sic] hardcore porn pictures popped up".

Display ads that are often highly inappropriate, adult-themed and pornographic.

More news: Rafa Benitez reveals what's 'best' for him, Mike Ashley - and Newcastle

To scare users into installing unnecessary and harmful "security" apps, the malware displays a misleading ad claiming that a virus has infected the victim's device. The phone number is then used to register for premium services.

Check Point worked with Google to remove the affected apps along with known malicious programs masquerading as mobile security solutions they were helping to promote from the Play Store. Now you can make a Duo call with some one who did not even installed the app. Google also notes that it manually reviews ads and has strict category blocks to ensure children have a safe experience.

The developers of the code created it to "move laterally" within the device which, according to Check Point's blog post, could lead to passwords being compromised.

Update 12/01/2017 12:55pm ET: Updated with additional comment from Google.

Otros informes por

Discuta este artículo

SIGUE NUESTRO PERIÓDICO