A malware strain found by the Palo Alto Networks was created by third parties to infect the recipient, injected into legitimate Android apps and it will join the slew of ads in the network. While tampering originals apps on various play stores or the Google play store is nothing new to the industry, this type of malware hacking is something new.Mobile browsing is becoming ubiquitous and when a phone doesn’t have an active Mobile Antivirus installed in it, chances of losing data, private information and money is high.
Connecting through ad networksHackers make use of the ad network system for all the wrong purposes. By default, both legal and illegal apps have a code embedded in it using which the app will connect to trusted ad networks to generate revenue. This type of malware will wait until the user installs another app and displays a dialog box asking permission to allow ads. If you approve, it will connect to the network and display advertisements as usual until the hacker who developed it decides to use it to earn money.It can be used to sign up the user with a premium rate SMS service and get as much money as possible.
What make this so serious is that it will work like benign code without any signs of infection and can be controlled with a digital switch.Fixing Ad SDK serviceThis malware works based on the ad networks SDK, more than on the app itself. This makes it easier to bypass digital signature verification and other security measures. Only a mobile antivirus application can detect when it tries to connect to the wrong source and, for example, start deducting money from your financial account.Developers need to find a better way to integrate ad networks or verify its authenticity before it is officially accepted by the Google Play Store. Device users need to have the best mobile antivirus, Comodo Mobile Security.