Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.

DeepIn2U

macrumors G5
Original poster
May 30, 2002
13,060
6,988
Toronto, Ontario, Canada
Google Play’s malicious app problem infects 1.7 million more devices

Wow ... this is a concern that it's happening yet again.

Google Play, the company’s official repository for Android apps, has once again been caught hosting fraudulent and potentially malicious apps, with the discovery of more than 56 apps—many of them for children—that were installed on almost 1.7 million devices.

Tekya is a family of malware that generates fraudulent clicks on ads and banners delivered by agencies including Google’s AdMob, AppLovin’, Facebook, and Unity. To give the clicks the air of authenticity, the well-obfuscated code causes infected devices to use Android’s “MotionEvent” mechanism to imitate legitimate user actions. At the time that researchers from security firm Check Point discovered them, the apps went undetected by VirusTotal and Google Play Protect. Twenty-four of the apps that contained Tekya were marketed to children. Google removed all 56 of the apps after Check Point reported them.

Seems that the issue is these infected apps were written in native code, not java making them harder to decompile for deletion. I'm curious ... can Xcode and Swift apps be decompiled from one developer to the next if the app is available and loaded into Xcode ? Can this occur on iOS/iPadOS as well?
 
  • Wow
Reactions: 5105973
Register on MacRumors! This sidebar will go away, and you'll see fewer ads.