These two apps with millions of downloads slow down your device
Table of contents:
It turns out that we can't even trust official repositories anymore when it comes to downloading and installing secure applications. Very recently, the official Google store from which we download millions of applications every day, the Google Play Store, hosted an application with a large number of downloads that contained a Trojan horse. The application was CamScanner and millions of people had it on their mobiles because it was, apparently, a totally safe tool to scan documents with the simple help of the mobile.
Notes and fitness, two fraudulent applications
And today, once again, the Google Play Store application store is once again in the spotlight for security reasons and it is that it has been discovered that two applications, also with millions of downloads behind their backs, they are giving problems to those who have them installed on their mobiles. It is a note application called 'Idea Note: OCR Text Scanner, GTD, Color Notes' and another beauty, he alth and fitness application called 'Beauty Fitness: daily workout, best HIIT coach'. For more than a year, these two apps have been defrauding millions of users before security company Symantec informed Google and Google removed them from the Google Play Store.
This is how they 'stealed' data from users
Both apps placed ads within themselves in places that were not visible to the user who downloaded and installed them, typically at the bottom of the app drawer of infected mobiles.When the user clicked on the notification (it was a normal notification, not a visible ad) the ad was opened but not displayed. In this way, the application could report that the user was seeing the ads continuously, generating income per click, but without the user noticing.
They also hid ads in another way: with a technique called 'Packers': by changing the structure and flow of the application installer file (what we know as APK) the scammers could alter the behavior of that file. With this obfuscation operation, the Google Play Store's own scanners were unable to detect any anomalous behavior in the hosted applications.
All these 'ghost' clicks had a negative impact on the performance of mobile phones, causing brutal battery drain and an excessive increase in mobile data traffic.For a full year, these two apps have gone completely unnoticed by Google's security engineers, affecting more than a million and a half users who use them. downloaded. This case is particularly complex due to the entire system of obfuscation and modification of the packages that we have mentioned.
The developer of the two applications, Idea Master, no longer has any application available in the Play Store and has not even given any explanation to the media about these two malware applications. We recommend you if you notice that your mobile is running a little weirder than normal, you have had an excessive consumption of data and your uses and customs have not changed and the battery drains much faster than before, look to see what recent applications you have downloaded and installed.
