• Menu
  • Skip to main content
  • Skip to primary sidebar

The Cyber Security News

Latest Cyber Security News

Header Right

  • Latest News
  • Vulnerabilities
  • Cloud Services
Cyber Security News

Clicker Malware Garners Estimated 20 Million Downloads

You are here: Home / General Cyber Security News / Clicker Malware Garners Estimated 20 Million Downloads
October 24, 2022

So-identified as “clicker” malware made to aid advert fraud has been found on 16 mobile apps in the Google Perform retail store, according to McAfee.

Soon after being notified by the security seller, Google has eradicated the offending apps, which are believed to have garnered as numerous as 20 million downloads.

Detected as Android/Clicker, the malware was inserted into legit-wanting utility apps this sort of as flashlights, QR visitors, cameras, device converters and endeavor supervisors.

✔ Approved Seller From Our Partners
Mullvad VPN Discount

Protect your privacy by Mullvad VPN. Mullvad VPN is one of the famous brands in the security and privacy world. With Mullvad VPN you will not even be asked for your email address. No log policy, no data from you will be saved. Get your license key now from the official distributor of Mullvad with discount: SerialCart® (Limited Offer).

➤ Get Mullvad VPN with 12% Discount


“Once the application is opened, it downloads its remote configuration by executing an HTTP request,” defined McAfee.

“After the configuration is downloaded, it registers the FCM (Firebase Cloud Messaging) listener to get thrust messages. At initially glance, it appears to be like properly-created android software package. Nonetheless, it is hiding ad fraud features powering, armed with remote configuration and FCM techniques.”

Exclusively, the malware forces contaminated products to go to and look through certain web-sites in the history, without the user’s awareness.

This generates advertisement fraud profit for the risk actor in the type of fake clicks, whilst it can also degrade device performance for the consumer, operate down the smartphone’s battery and operate up extra cell facts service fees.

There are two key items of destructive code at perform: the ‘com.simply click.cas’ library focuses on automatic clicking, even though the ‘com.liveposting’ library is effective as an agent to run hidden adware services.

Android/Clicker stays beneath the radar to steer clear of attracting the notice of a gadget consumer by leaping into motion only when an contaminated smartphone is not in use. It will also not get the job done in just an hour of initial set up, McAfee said.

“We suggest getting a security software installed and activated so you will be notified of any mobile threats current on your product in a timely way,” the security seller concluded.

“Once you eliminate this and other malicious programs, you can count on an extended battery time and you will recognize decreased cell facts use even though making certain that your sensitive and personal data is safeguarded from this and other varieties of threats.”


Some components of this article are sourced from:
www.infosecurity-magazine.com

Previous Post: «australia to increase maximum data breach penalty to $50 million Australia to increase maximum data breach penalty to $50 million
Next Post: NCSC founder details ‘biggest regret’ in underestimating organised cyber crime ncsc founder details 'biggest regret' in underestimating organised cyber crime»

Reader Interactions

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Primary Sidebar

Report This Article

Recent Posts

  • Over 269,000 Websites Infected with JSFireTruck JavaScript Malware in One Month
  • Ransomware Gangs Exploit Unpatched SimpleHelp Flaws to Target Victims with Double Extortion
  • CTEM is the New SOC: Shifting from Monitoring Alerts to Measuring Risk
  • Apple Zero-Click Flaw in Messages Exploited to Spy on Journalists Using Paragon Spyware
  • WordPress Sites Turned Weapon: How VexTrio and Affiliates Run a Global Scam Network
  • New TokenBreak Attack Bypasses AI Moderation with Single-Character Text Changes
  • AI Agents Run on Secret Accounts — Learn How to Secure Them in This Webinar
  • Zero-Click AI Vulnerability Exposes Microsoft 365 Copilot Data Without User Interaction
  • Non-Human Identities: How to Address the Expanding Security Risk
  • ConnectWise to Rotate ScreenConnect Code Signing Certificates Due to Security Risks

Copyright © TheCyberSecurity.News, All Rights Reserved.