Porn Clicker Trojans Continue to Flood Google Play

ESET researchers have found 343 Porn clicker-type malicious apps on Google Play in just 7 months – and criminals are continuing to upload further variants onto the platform, which is the official app store for the Android mobile platform.

Porn clicker Trojans, which ESET detects as Android/Clicker, masquerade as legitimate apps, notably games. This family of malware has made it into the official Android app store at least 343 times in the last seven months, which makes it one of the largest malware campaigns on the Play Store to date.

“There have been many cases of malware campaigns on Google Play, but none of them have lasted so long or had such a huge number of successful infiltrations,” explains Lukas Stefanko, an ESET malware researcher who specializes in Android malware.

WeLiveSecurity.com, ESET’s security news blog, has published an article by Stefanko with detailed information about Porn clicker Trojans, and also an interview with him containing interesting additional findings and opinions.

On average, 10 new Porn clickers have bypassed Google’s security checks every week during the campaign, according to ESET’s research. What is more, these Porn clickers don’t just make it into the store – they are also successfully finding their way onto users’ devices. The average number of downloads per app is 3,600.

“These Trojans has been continuously repacked. Newer versions are always slightly changed and have their code obfuscated in order to hide their true purpose and bypass Google’s security checks,” comments Stefanko.

After installation they generate fake clicks on advertisements and generate revenue for their operators, robbing advertisers and harming the advertising platforms. From users’ point of view, these Trojans generate a lot of Internet traffic, which might have negative consequences for some.

Always check the ratings of other users before downloading an app - they tell you the real story. (Screenshot Google Play made by ESET)
Always check the ratings of other users before downloading an app – they tell you the real story. (Screenshot Google Play made by ESET)

Despite the Porn clicker Trojans being successful in hiding their true purpose, users still have a good chance to avoid them. “Ratings of these fake apps mirror their victims’ bad experiences, with negative ratings far outnumbering positive ones. Ratings are a powerful security tool and we urge all users to pay attention to them,” recommends Lukas Stefanko.

Kommentar verfassen