In the Google Play Store discovered 56 simulating user activity applications
Official store of digital content Google Play Store is the most popular source of applications for users of devices based on Android. Since the Play Store is visited monthly by hundreds of millions of users, the attackers aimed at this audience. Despite the fact that Google checks published to the Play Store app, the store is regularly found malware of varying severity.
Researchers from Check Point, working in the field of information security, has discovered a new family of malware. We are talking about malware Tekya, which simulates user activity by clicking on the advertising banners platforms Google AdMob, AppLovin, Facebook and Unity.
In total, the researchers identified 56 such applications, 24 of which focused on children and represent a different kind of game. The rest of the infected apps were presented as interpreters, calculators, compendiums of recipes, etc. In total these apps have been downloaded by users in the Play Store more than 1 million times.
It is reported that the malware hides Tekya own code to avoid detection by Google Play Protect, and also uses the mechanism of Android system called MotionEvent to simulate user activity and generate clicks. To see a list of identified fraudulent programs on the web-site Check Point.
The researchers note, the result of their work proves that in the Play Store there are still malicious apps, despite efforts by Google. Currently, the store published about 3 million apps and this list is updated daily with hundreds of new programs, which greatly complicates the search for and identification of dangerous and crimeware.