• Home
  • Apps
  • Apps News
  • Google Removes Over 200 Android Apps Infected by ‘SimBad’ Adware With Millions of Downloads: Check Point

Google Removes Over 200 Android Apps Infected by ‘SimBad’ Adware With Millions of Downloads: Check Point

Share on Facebook Tweet Share Reddit Comment
Google Removes Over 200 Android Apps Infected by ‘SimBad’ Adware With Millions of Downloads: Check Point

Photo Credit: Check Point

The “SimBad” adware can hide an infected app’s icon and make it harder to uninstall

Highlights

  • The SimBad adware infected 206 Android apps
  • Infected apps had around 150 million collective downloads
  • All such apps have been removed from Play Store

Google has been dealing with the scourge of malware infecting Android apps for quite some time, and while necessary action has been taken against such apps, more issues keep popping up. The latest one to plague Android apps is an adware called SimBad. Discovered by Check Point, the SimBad adware affected 206 apps listed on Goole Play, all of which have now been reportedly removed after Google was notified about the same. The infected ads collectively clocked over 150 million downloads and could be exploited by bad actors to show ads, generate phishing pages, and open a specific URL in the web browser.

The SimBad adware was discovered by Check Point's Mobile Threat Team and gets its name from the fact that a majority of infected applications were simulator games. Check Point's findings state that SimBad's capabilities range from showing ads to opening a specific URL in the Web browser and exposing users to more malicious apps. Moreover, it could allow malicious parties to install a remote application from a designated server and inject more malware on a device if deemed necessary.

The SimBad malware is a part of the ‘RXDrioder' SDK that is provided to developers as an add-on SDK for ad-related services, says Check Point's report. "We believe the developers were scammed to use this malicious SDK, unaware of its content, leading to the fact that this campaign was not targeting a specific county or developed by the same developer."

Once an infected Android app has been installed and being actively used, the SimBad adware can be commanded to show background ads and open a specific URL in the Web browser. And since the adware can take users to the desired webpage in a browser, the malicious parties can generate phishing pages. The adware also comes with the ability to hide an infected app's icon from the launcher, making it difficult to uninstall the app.

Moreover, the adware could also take users to app repositories such as Google Play and 9Apps where users can be prompted to download more malware-infected apps at the behest of other bad players in order to make profits. Check Point notes that the SimBad malware “already has the infrastructure to evolve into a much larger threat”. As for the infected apps that have now been removed from the Play Store, one of them had around 10 million downloads, while 13 of them had touched the 5 million download mark.

Comments

For the latest tech news and reviews, follow Gadgets 360 on Twitter, Facebook, and subscribe to our YouTube channel.

Further reading: SimBad, Adware, Play Store, Android Malware
Nadeem Sarwar Aside from dreaming about technology, Nadeem likes to get bamboozled by history and ponder about his avatars in alternate dimensions. More
Twitter Unveils Redesigned Camera for App, Rolling Out Over 'Next Few Days'
PUBG Ban: Rajkot Police Reportedly Arrest 10 for Playing the Mobile Game
 
 

Advertisement

 

Advertisement