2017 was one of the worst years in the cyber world, as it witnessed series of deadly ransomware attacks such as WannaCry and Petya among others affecting websites of many governments and corporate houses across the globe. And now, 2018 has begun with somewhat better with malware being detected before making any serious damage.
Internet security watchdog Check Point's researchers discovered a new malware dubbed as 'AdultSwine' in around 60 gaming apps on Google Play store, which used to pop-up adult porn images even on apps certified appropriate for children and also has a capability to steal banking credentials.
What's shocking is that they have been installed anywhere between 3 million to 7 million Android phones.
How AdultSwine malware works on Android phones:
Step 1: It all begins with a naive user downloading a gaming app from a totally unfamiliar company on Google Play store and once installed, the app sends 'successful installation' status to remote 'Command and Control Sever.'
Step 2: Malicious app begins to pop up objectionable pornographic images during the game and induces user to install dubious anti-virus on to their phone
Step 3: Later, the anti-virus app begins to persuade users to enrol for some jackpot/lucky quiz with prizes including free iPhones and other gifts.
Step 4: Enticed users unwittingly participate in the contest and he/she wins, it will ask them to furnish phone numbers for communication purpose and tracking of gift delivery.
Step 5: With contact details, malicious actors subscribe to premium services without the users' consent and before they know it, money will be deducted.
Thankfully, before the hackers could undertake a larger attack, Check Point security researchers identified the nefarious apps and forwarded to Google, which, taking note of the severity of the issue, has taken them down on the Play store.
Also read: Google gets dead serious to weed out malwares from Play store: Starts HackerOne bounty program with big cash prize
How to protect your smartphones from 'AdultSwine' and other malware:
Despite the blame for 'AdultSwine' existence partly lies with Google for not fully scrutinising the apps on its Play store, Android mobile device owners are also responsible. To be on a safer side, always follow the below guidelines before installing an app on your phone:
- Always keep your smartphone updated to the latest firmware. Most companies in collaboration with Google send software updates — especially security patches on priority basis and always make sure to update them immediately
- Make sure to use premium Antivirus software, which also provides malware protection and internet security
- Never open emails sent from unknown senders
- Never install apps from unknown websites
- Never install apps from unfamiliar publishers even on Google Play store