Google is generally very vigilant about letting malware into the Android ecosystem via the Play Store. Recently, however, it discovered a large family of adware applications called Chamois affecting Play Store apps, and has promptly removed it.
Chamois-based apps commit ad fraud: they trick users into clicking ads, which then allows the malware to install other apps that commit SMS fraud.
The Chamois family of malware is as devious as it is potentially harmful. So far, it has successfully evaded detection by Google engineers by using obfuscation techniques and other anti-analysis methods to stay in stealth mode.
The effects, however, have been widespread, with other people using its ad system to make money on the adware apps.
Chamois is categorized as an Android PHA (potentially harmful application) family that can do various things, such as:
- Generate invalid traffic by using deceptive graphics inside ad pop-ups
- Install other apps automatically in the background, thereby artificially promoting apps
- Conduct SMS fraud
- Download and execute additional plugins
Google confirmed that Chamois is “one of the largest PHA families seen on Android to date and distributed through multiple channels,” and that “To the best of our knowledge Google is the first to publicly identify and track Chamois.”
Google used Verify Apps to block the Chamois app family, and also “kicked out bad actors who were trying to game our ad systems.” With Chamois now out of the game, Google has implemented some new rules in Verify Apps to protect users.
Verify Apps is a security feature on Android devices, which you can access through Settings -> Google -> Security -> Verify Apps. It’s an extremely useful security feature that helps detect PHAs and warn the user so they can be uninstalled.
Android botnets are becoming more complex, and the danger to users is compounded by the fact that Android is the largest operating system in the world, found on hundreds of millions, if not billions, of mobile devices.
The cops-and-robbers battle for cybersecurity has been escalating for quite some time now, and we don’t see it subsiding in the near future. Things are only going to get worse from here, and it is imperative that users educate themselves on basic best practices for their own sake. Even a simple thing like changing your password often and using unique and complex ones can save you a lot of pain down the road.