Applications with 1.5 million installations engaged in click fraud and discharged device batteries

Symantec experts found on Google Play malicious applications that clicked on invisible ads, reduced the performance of infected devices and drained their batteries.

Click fraud functions were found in the application for notes (Idea Note: OCR Text Scanner, GTD, Color Notes) and the fitness application (Beauty Fitness: daily workout, best HIIT coach), which were installed more than 1.5 million times and downloaded on Google Play over a year ago by Idea Master.

Analysts say that applications have been undetected for a long time due to the use of a legitimate packer, which is commonly used to protect intellectual property. This hampered the work of Google’s automated scanners and the work of information security experts who studied the APK.

And although the advertisement was invisible to the owners of infected devices, the operation of the malvari negatively affected productivity, the battery started to discharge much faster, and visits to numerous advertising sites generated additional mobile traffic.

source: xakep.ru