Play Store and App Store under attack: here are the apps you need to delete

Posted on by

Not only the Google Play Store , but this time the Apple App Store was also involved in a case of infected apps . In fact, cybersecurity researchers have found 75 applications, available for download on the two stores, involved in advertising fraud.

But that is not all. According to Bleeping Computer , “ in addition to flooding mobile users with both visible and hidden advertisements , fraudulent apps have also generated revenue by impersonating legitimate apps and impressions clicks ”.

The aspect that is surprising everyone is that this case is revealing an App Store that is not so far removed from the Play Store , often the victim of infected applications that manage to overcome internal security systems.

So let’s see the list of apps that you absolutely must delete , if you are among the 13 million users who have downloaded them. Furthermore, let’s find out together how it is possible to defend against similar dangers on both Android and iOS.

Play Store and App Store: how the offending apps work

The researchers of HUMAN ‘s Satori Threat Intelligence team discovered these 75 applications available on the Play Store and App Store , which contain a dangerous Adware . Their job was to identify a number of mobile apps that push an ad fraud campaign called Scylla :

HUMAN’s Satori team discovered a collection of over 75 apps on the Google Play Store and over 10 apps on the Apple App Store that contained Charybdis-like obfuscated code. The Scylla apps contained code that pretended to be other legitimate games for advertising purposes, helping to keep their running quiet.
In the case of Scylla, the receiver code would activate when the apps were not open. For example, activation when a device has simply been unlocked on the home screen.
The code within the Scylla apps is built to take information from real clicks, such as a real person’s click times on an ad, where the ad was clicked, and then resubmit that information as a fake click to cash out.

The list of infected apps

Now let’s focus on the list of infected apps available for download on the Play Store and App Store . Obviously, if you notice one or more of them that you have downloaded and installed on your device you must immediately delete it. Here are the most downloaded Android apps :

  • Super Hero-Save the world! – com.asuper.man.playmilk
  • Spot 10 Differences – com.different.ten.spotgames
  • Find 5 Differences – com.find.five.subtle.differences.spot.new
  • Dinosaur Legend – com.huluwagames.dinosaur.legend.play
  • One Line Drawing – com.one.line.drawing.stroke.yuxi
  • Shoot Master – com.shooter.master.bullet.puzzle.huahong
  • Talent Trap – NEW – com.talent.trap.stop.all

Here is now the list of the most downloaded iOS apps :

  • Loot the Castle – com.loot.rcastle.fight.battle (id1602634568)
  • Run Bridge – com.run.bridge.race (id1584737005)
  • Shinning Gun – com.shinning.gun.ios (id1588037078)
  • Racing Legend 3D – com.racing.legend.like (id1589579456)
  • Rope Runner – com.rope.runner.family (id1614987707)
  • Wood Sculptor – com.wood.sculptor.cutter (id1603211466)
  • Fire-Wall – com.fire.wall.poptit (id1540542924)
  • Ninja Critical Hit – wger.ninjacriticalhit.ios (id1514055403)
  • Tony Runs – com.TonyRuns.game

Defending yourself from these dangers is very easy. The important thing is to rely on an effective and definitive security system, able to better verify any app  downloaded on your device before it is run.

Source: HUMAN