Researchers have discovered two Google Play apps with more than 1.5 million downloads engaging in a new form of click fraud that drained batteries, slowed performance, and increased mobile data usage on infected phones.
The apps—a notepad app called "Idea Note: OCR Text Scanner, GTD, Color Notes" and a fitness app with the title "Beauty Fitness: daily workout, best HIIT coach"—carried out the stealthy form of fraud for almost a year until it was discovered by researchers at security firm Symantec. Google removed them from Play after receiving a private report.
The newly discovered tactic positioned advertisements in places that weren’t visible to end users—specifically in messages displayed in the nether regions of an infected phone's notification drawer. When a user clicked on the notification, Android’s Toast class opened the ad—but in a way that wasn’t visible to the user. The technique worked by opening a Canvas and using the translate() and dispatchDraw() methods to position the ads beyond the viewable screen area of the infected device. The result: the app could report a revenue-generating ad click even though users saw nothing.
Read 3 remaining paragraphs | Comments
Read More