A new form of malware has found its way into apps listed in the Google Play Android app store and is secretly clicking on ads on porn sites, according to a report published last week.

According to ESET security researchers, over the prior seven months over 300 apps hosting the “porn clicker” malware have been listed Google Play, resulting in millions of downloads.

The apps in question mostly impersonate legitimate apps and games such as Grand Theft Auto and Subway Surfers, and once downloaded hide in the background, open an invisible browser session, then quietly visit porn sites and click on ads to make more money for the owners of those sites.

ESET malware researcher Lukáš Štefanko says that the porn clicker is the longest and most successful malware infiltration in the history of the Google Play Android app store.

“Google’s security team of course fights this campaign and takes the apps off the store pretty frequently… but considering how widespread porn clickers are on the Google Play Store, it is clear that neither the Google Bouncer filter, nor Google’s human review process, can keep malicious apps completely out of the Store,” Štefanko notes.

Reviews

The advice given to avoid accidentally installing an infected app is to check app reviews.

“Those users who do care about what they download have a good chance of keeping malicious apps out of their devices. If… you read the apps’ ratings, your risk from the whole family of clickers we are discussing is close to zero. As our analysis has shown, users share their bad experiences with these fake apps – but others don’t care. Quite frankly it’s hard to understand why people install apps with clearly negative ratings,” says Štefanko.

On the question of being tricked by fake reviews, he adds “people should know that fake “positive” comments can be found everywhere – and why should fake apps be any exception? While it’s easy to post a few positive fake comments, it’s close to impossible to post enough positive ratings to influence the overall rating. Also, it’s really impossible to erase negative ratings. For this reason, it’s crucial, for the security of users, to pay attention to the proportion of negative ratings.”

Confirming that you should always practice safe internet, even on a smartphone, Štefanko states what should be obvious: “We advise all users to have up-to-date security solutions installed on their Android mobile devices…A good security product should stop this threat from installing on the device.”

While we don’t recommend one product over another at SiliconANGLE there are a number of free virus scanners available from the Google Play store, some with familiar names such as AVG, so if you haven’t installed a scanner of your Android phone yet, you really should do so as soon as possible.

Image credit: michellzappa/Flickr/CC by 2.0