“AdultSwine” malware shows adult content on children’s apps
A new strain of malicious code has been downloaded from the Google Play Store between three and seven million times, according to security researchers Checkpoint.
The code, which has been named AdultSwine, exists within around 60 game apps and has a triple-pronged attack. It targets users not only by displaying inappropriate ads (that are often pornographic in nature), but also by attempting to trick users into installing fake security apps subscribing to premium services.
Crucially, all of the different types of attack that AdultSwine performs rely on you being deceived by content that it displays. For example, an ad might appear saying that your device has a virus on it. Only when you press the “Remove virus now” button can it install an “unnecessary and potentially harmful app” on your phone. Similarly, AdultSwine displays pop-up ads inviting you to claim glamorous prizes such as iPhones, but it’s only if you enter your phone number that it can sign you up to a premium service.
To read exactly how the malicious code works, there are more details on Checkpoint’s website, along with the following diagram.
To the trained eye, this kind of deception stands out like a sore thumb and is easy enough to avoid, but worryingly, a number of the apps containing the malicious code are aimed squarely at children. Checkpoint also warns that AdultSwine’s deceptive methods could also be used to pursue a range of other criminal activity.
“Although for now this malicious app seems to be a nasty nuisance, and most certainly damaging on both an emotional and financial level, it nevertheless also has a potentially much wider range of malicious activities that it can pursue, all relying on the same common concept,” the blog post on its site explained.
At the time of writing, it appeared that the affected apps had already been removed from the Play Store. However, the most popular game – Five Nights Survival Craft – was downloaded more than a million times before being taken down, and it’s not clear whether Google will have actively removed it from users’ devices.
As a general rule, installing apps from the Play Store has always been seen as a fairly low-risk activity. However, last September a German software company showed that Google’s own Play Protect virus tool was worse than any other antivirus system at detecting malware in real-time.
This latest revelation shows that you certainly still need to have your wits about you when downloading apps from the Play Store. The best advice remains to check user reviews if you’re at all unsure about an app and to avoid unknown developers, where possible. The full list of “AdultSwine” apps can be seen on Checkpoints original article.