Thirteen apps with adware were recently discovered in the Google Play Store and Google worked to remove the adware right away – but not before the apps were downloaded almost half a million times. The adware is known as HideIcon and NotFunny. They push ads to mobile phones, disrupting user activities. Looking at this event, what can we learn so that we all can do our part in the security of this community?
First things first: Let’s make sure we have the right attitude as defenders here. If we all make it Google’s problem, we will all be less effective at our defensive measure as the power comes from the entire community communicating and working together.
The detection of this adware may have happened even quicker if the first 100,000 users spoke up and alerted the abuse department at Google Play.
While this was adware, we must be ready for full-blown malware trying to gain access to Google Play’s distribution. With mobile phones playing more and more of a role in our daily lives – payment apps, health and lifestyle apps – attackers will continue to target these platforms because any exploitation is worth so much in the larger scheme of things. They constantly innovate and try to evade detection, so this is a never-ending battle.
The best thing you can do for yourself and ultimately for your community is to be informed and prepared. When these incidents happen, Google has pre-established methods to report abuse. It is important these days to establish these trusted channels prior to the incident as attackers will try and trick you with phishing communication trying to get you to download or click on something when these incidents make the news.
When logged into Google Play, go to Google Play Help and type in the word “abuse.” This will result in many resources for you to pursue given the circumstance. To eliminate it from a mobile phone, just remove the application from your device and/or Google Play account as the adware is embedded within the app.
This incident with adware is not the first, nor will it be the last. It also is not the only threat Google Play faces; attackers will try to get more and more past the audit and detection.
Adware, crimeware, malware, ransomware – all of these will constantly evolve and innovate around the defensive techniques we put in place. Remember that security is a process, and we must all do our part here to raise the cost to these attackers. Only as a community can we effectively combat this threat.
TK Keanini is CTO at Lancope. He has 25 years of network and security experience. He is responsible for leading Lancope’s evolution toward integrating security solutions with private and public cloud-based computing platforms. He is a Certified Information Systems Security Professional (CISSP).