Over 60,000 Android devices are infected with a malicious Battery Saver app that is capable of stealing sensitive information from victims and generating revenue through ads.
Fake scam web page advertisements are being posted in various forums, related to pharmaceutical ads and phony prize scams, with malicious links that lead to installing nasty apps.
The scams point to other web pages that scare users in many other ways, such as ‘you need to update your device!’ or ‘you need to install this antivirus to save your device!’.
These malicious web pages not only generate ad revenue but also perform malicious information-stealing activities.
Researchers from RiskIQ crawled the malicious web pages to identify potential scams and found one redirection that sends victims who click to Google Play, where they are served a malicious app.
How Does It Work
The scam page code is very direct, with no attempts at obfuscation. Initially, it checks the user’s language.
If it doesn’t find any language, it selects English as the default, and once the language is set it pops up the following page.
Later it forces victims to click install to clean the desktop, and whether the user clicks the ‘install’ or the ‘cancel’ button, they are sent to another server owned by the operators, which forwards them to the Google Play store.
Finally, the user lands on the battery-saving ad-clicker, which seeks the following device permissions when the user downloads and tries to install it.
- Read sensitive log data
- Receive text messages (SMS)
- Receive data from Internet
- Pair with Bluetooth devices
- Full network access
- Modify system settings
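
A defender can check a decoded manifest for this kind of mismatch between an app's stated purpose and what it requests. The following is an added example, not code from the article or from RiskIQ: the manifest is constructed, the mapping from the Google Play labels above to manifest permission names follows the standard Android labels, and the baseline and sensitive sets are assumptions to tune per app category.

```python
import xml.etree.ElementTree as ET

NS = "{http://schemas.android.com/apk/res/android}"
# Manifest names for the six Google Play labels listed in the article.
LABELS = {
    "android.permission.READ_LOGS": "Read sensitive log data",
    "android.permission.RECEIVE_SMS": "Receive text messages (SMS)",
    "com.google.android.c2dm.permission.RECEIVE": "Receive data from Internet",
    "android.permission.BLUETOOTH": "Pair with Bluetooth devices",
    "android.permission.INTERNET": "Full network access",
    "android.permission.WRITE_SETTINGS": "Modify system settings",
}
# Assumption: permissions a battery utility plausibly needs for its stated job.
BASELINE = {"android.permission.BLUETOOTH", "android.permission.WRITE_SETTINGS",
            "android.permission.BATTERY_STATS",
            "android.permission.KILL_BACKGROUND_PROCESSES"}
# Assumption: permissions that expose user data and have no battery-saving use.
SENSITIVE = {"android.permission.READ_LOGS", "android.permission.RECEIVE_SMS"}

# Constructed sample manifest (decoded XML form; not taken from the real app).
SAMPLE_MANIFEST = """<manifest xmlns:android="http://schemas.android.com/apk/res/android"
    package="com.example.batterysaver">
  <uses-permission android:name="android.permission.READ_LOGS"/>
  <uses-permission android:name="android.permission.RECEIVE_SMS"/>
  <uses-permission android:name="com.google.android.c2dm.permission.RECEIVE"/>
  <uses-permission android:name="android.permission.BLUETOOTH"/>
  <uses-permission android:name="android.permission.INTERNET"/>
  <uses-permission-sdk-23 android:name="android.permission.WRITE_SETTINGS"/>
</manifest>"""

def requested_permissions(manifest_xml):
    """Collect names from <uses-permission> and <uses-permission-sdk-23>."""
    root = ET.fromstring(manifest_xml)
    tags = ("uses-permission", "uses-permission-sdk-23")
    return {el.get(NS + "name") for el in root.iter()
            if el.tag in tags and el.get(NS + "name")}

def audit(manifest_xml):
    """Return sorted (level, permission, label) tuples for each request."""
    findings = []
    for perm in sorted(requested_permissions(manifest_xml)):
        level = ("expected" if perm in BASELINE
                 else "high" if perm in SENSITIVE else "review")
        findings.append((level, perm, LABELS.get(perm, "unlabelled")))
    return findings

if __name__ == "__main__":
    for level, perm, label in audit(SAMPLE_MANIFEST):
        print(f"{level:8} {perm}  ({label})")
```

For manifests taken from untrusted APKs, parse with defusedxml rather than the standard library parser.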
According to RiskIQ, it is interesting to note that the app does actually perform the functions it mentions:
- Reduces battery strain in an attempt to lengthen the life of the battery
- Kills off processes using a lot of battery resources during low battery charge
- Monitors battery status
Currently, this app is installed on around 60,000 users' devices and is also controlled by around 15 bots via a C&C server, so it has at least 60,000 Android devices under its control.