Lookout has published a new security report based on research they’ve done on adware apps. If you don’t know, adware is an app that is specifically designed to push ads to you — simple concept, no? A lot of adware is injected into shill apps that provide little or very simple functionality, but Lookout suggests there is an alarming amount of legit applications (20,000 or so) with adware injected.
Illegitimate versions of apps like Candy Crush, Facebook, Google Now, NY Times, Okta, Snapchat, Twitter and WhatsApp — which could seem fully functional to the end user — are secretly storing adware code. Lookout suggests some of these apps find their way onto Google Play, though most are typically uploaded to third-party app stores. But that isn’t even the scariest part.
The company’s research also suggests that these apps are housing more than just ad-pushing code — some even have the capability to auto-root your phone and push files to your system partition without your consent. This would make it possible for a malicious app to do practically anything it wants on your phone, including installing spyware such as keyloggers. And all it takes is the simple act of installing the app, says Lookout.
Lookout says nearly all of the apps share common characteristics, with a vast majority of the code coming from one of “three” families: Shuanet, ShiftyBug, and Shedun. Up to 80% of the apps share the same exact code base for executing the attacks, and they all target much of the same exploits.
The specifics of who is doing what and where aren’t that important to you, though — what’s important is knowing how to shield yourself from this madness. The typical adage applies here:
It may seem like a lot of legwork for simply downloading and installing an app, but it’s nothing in comparison to the legwork you’d have to do to recover from a malicious attack from the tons of shady apps out there. You can read the full report at Lookout’s blog if you’re interested.