Android store plays host to fake apps, what to look for

Without doubt, some of the best phones and tablets can be found running Android, with Samsung, Sony, LG, Huawei, and Oppo all companies pushing out some stellar devices of sorts in the past couple of years.

These devices arrive in all sorts of shapes and sizes, with various materials making them up and some excellent features. You might find glass or metal bodies in some, with superb cameras in others, while some Android devices compete aggressively against Apple’s juggernaut iPhone and iPad to deliver more unique features including water-proofing, high-resolution audio support, and even the ability to play PlayStation 4 video games from the tablet itself.

But one thing all Android devices have in common is that they all run Android, and with over 1.4 billion Android products activated, this makes Google’s operating system one of the largest active operating systems on the planet.

This ubiquity comes with a downside, and that is targeting. Specifically, cybercriminals look to Android and its store as a way of getting their wares on the digital app store, with the apps made by criminals often there to steal details, money, identities, and more, and while Google is trying to throw the criminals out of the store, it’s an on-going battle.

One such example of this never-ending conflict arrives in the form of a bit of malware called a “clicker” which, according to one security company, is being altered to work a little differently at the moment.

Normally, clickers are apps that generate a fake click on a website in order for that advertise or webpage owner to make money, sort of like if you click on an advertisement several times. These apps do that, opening links up to make someone money and just annoy you in the process.

According to ESET’s Senior Research Fellow Nick FitzGerald, these clicker apps are on the increase, with over 300 found on the Google Play Store, many being altered to a different kind of clicker.

Specifically, they’re being modified to work as clickers of adult material.

security-virus-malware-2

“Porn clicker apps are such apps that specifically target porn sites, or possibly ads for porn sites,” said FitzGerald, who told GadgetGuy that the pornographic variation of the clicker app wasn’t just one that clicked websites advertising adult material, but also downloaded the webpages in the background which could lead to a massive consumption of your 4G data.

“Further, if the network traffic of the affected device is being monitored, as may be common when attached to your employer’s WiFi network, this activity will produce a rather undesirable “footprint” of the kinds of sites the user of the device browses, and could lead to trouble with HR,” he said.

That means if someone monitors your downloads — say a co-worker or a partner, or even a parent or two — you may find adult

FitzGerald did tell GadgetGuy that right now, it’s merely your data activity and your mobile battery life that will be affected, with clickers not really delivering a massive security exploit payload, at least not yet, though he did suggest that at one point in time, an infected phone could impact a home or work network.

“This is, of course, a theoretical possibility, as the affected device has to be on a network for the porn clicker functionality to work, and often this will be a corporate or home WiFi network,” he said.

“That connectivity would allow the malware on an affected device to scan for other devices with writable file shares, [and] network services with exploitable vulnerabilities. Those entrance points could then be used to spread the porn clicker, or other malware, to other network-connected devices.”

eset-fake-clicker-app-review

For now, the best way to handle the clicker apps is to take a two-prong approach and install some form of security software on your Android smartphone and tablet, and then always check the reviews of apps.

Case in point, Android users have been quite vocal about the fake apps proliferating on the Google Play Store, with reviews left on some suggesting the app was a “fake” or even a “virus”. In fact, if there are several one star reviews on an app you’re considering, you’d do well to check them out ahead of time, heeding advice of other curious individuals before testing the murky waters yourself.

“Google Play users should always look at the ratings and reviews of apps before downloading and installing anything. Looking at the ratings and reviews of these fake apps, for example, shows you very quickly that the overwhelming response is negative,” said FitzGerald.

“Apps with such reviews should be avoided at all costs.”