Malicious web ad infecting Android phones

Discussion in 'Droid News' started by Droid, Jun 9, 2017.

  1. Droid

    Droid Member Support


    Savvy Internet users know not to click on strange links, but malvertising — malicious code hidden within otherwise innocuous advertisements — presents a more pernicious problem.

    A new malvertising campaign isn’t content to just redirect your web browser to unsafe sites. If you're using an Android phone, it downloads and installs an Android app that can compromise your entire phone, with no known panacea. The trap is easy to avoid, but once it’s sprung, it’s sprung for good.

    This information comes from the Zscaler ThreatLabZ team, a San Jose, the California-based security firm. Zscaler discovered the issue by scouring the Godlike Productions forums, a hotbed of UFO and conspiracy theory activity. For once, the tinfoil-hatted commenters had it right; someone really WAS out to get them, and that someone was a cyber criminal.

    What You Need to Do
    The good news is that avoiding the problem is extremely simple, and you may not even be susceptible to it in the first place. In order for apps from sources other than the Google PlayStore to be installed, users must go into Security-->Settings and allow apps from "Unknown Sources." That function is a security risk and is disabled by default.

    Still, if you use third-party app stores (like the Amazon Appstore), you've already enabled Unknown Sources. To disable the feature, check your phone’s settings. Enabling and disabling third-party app installation will be under the Security menu, although that menu's location may vary depending on your phone.

    MORE: Best Android Antivirus Software and Apps

    Advertisements on the forum automatically installed an Android APK known as "kskas.apk" to users' phones. The program calls itself "Ks Clean" and promises to clean out an Android device. Once installed, though, it claims that the phone is vulnerable to a security loophole and requires an update to safeguard the device.

    The update, of course, is, in reality, another app, and a much more malicious one. This one requires administrative privileges to install, which means that the "update" app can control your phone at the deepest level.

    by MARSHALL HONOROF Jun 8, 2017, 8:42 AM

Share This Page

Side Nav