You mightiness accept encountered a pop-up promotion that appears out of nowhere as well as surprise you lot that your mobile device has been infected alongside a unsafe virus as well as instructs you lot to install a safety app to take away it immediately.
This malicious advertising spider web page automatically downloads an Android app installation (.apk) file to your device without requiring whatever approval.
Citing malware threats on your mobile device, attackers play a joke on you lot to alter your device's settings to permit installation of the third-party apps from stores other than Google Play Store as well as install the banking trojan app on your device.
Kaspersky researchers Mikhail Kuzin as well as Nikita Buchka discovered 1 such widespread malicious advertising induce across Russian intelligence sites as well as pop websites.
Since this August, the Trojan has infected over 318,000 Android devices across the basis — cheers to Google AdSense advertisements that was beingness abused to spread malicious mobile banking trojan, dubbed Svpeng.
"When an APK file is broken downward into pieces as well as handed over to the relieve constituent via Blob() class, at that spot is no depository fiscal establishment gibe for the type of the content beingness saved, as well as therefore the browser saves the APK file without notifying the user," the duo explains inward a blog post.Google has acknowledged the issue, blocked the malicious ads as well as planned to acre it, although it is unclear when the side past times side Android Chrome version volition live on released.
However, if Google sticks to its six-week unloose cycle, users tin hold off an update on 3rd Dec 2016. So, malicious actors accept over iii weeks to exploit the flaw.
"[The] side past times side fourth dimension they (criminals) force their adverts on AdSense they may good pick out to gear upwards on users inward other countries; nosotros accept seen like cases inward the past; After all, what could live on to a greater extent than convenient than exploiting the virtually pop advertising platform to download their malicious creations to hundreds of thousands of mobile devices?" the distich say.Even if the Google acre this number alongside its side past times side software update, attackers nevertheless accept an evergreen technique to play a joke on users into downloading malicious apps past times exploiting vulnerabilities inward pop websites.
For example, a lately disclosed XSS (Cross-Site Scripting) flaw, discovered past times Indian safety researcher Jitendra Jaiswal, on WhatsApp's official websites could permit attackers to play a joke on users into downloading malware applications.
So, it is ever a practiced persuasion to install apps from official Google Play Store also equally non to alter default Android settings that preclude the installation of third-party apps.
So, the best recommendation for users is to intend twice earlier installing whatever app (no affair how legitimate it looks) from untrusted sources or clicking on suspicious-looking links.
