Google has removed 60 gaming apps from Playstore after researchers found out that they were infected with pornographic malware named AdultSwine.
The apps were removed after researchers from Checkpoint security firm discovered the malware in apps both available to children and adult.
According to Google Play data, these affected apps were downloaded between 3 million and 7 million times.
The affected displayed ads that ads are often highly inappropriate and pornographic.
The malware also tries to trick users to download fake security apps and ask users to register and pay for premium services.
Working of the AdultSwine malware
After installation, the malware contacts its Command and Control server (C&C) and reports the successful installation of the apps.
The malware then sends the data about the infected device and receives back the configuration which contains further instruction on the course of operation like which ads to display, over which apps, etc.
According to researchers from CheckPoint “ the ads being displayed, they come from two main sources; the first is that of the main ad providers, which forbid such illegitimate display of their ads. The second is the malicious code’s own ad library, which contains ads of an offensive nature, including pornographic ads. All these are displayed to children while playing the game that the app is masquerading as.”
As said the malicious app also tries to trick users to download harmful security apps by displaying an ad which claims user’s device is infected with a virus.
When user click the ‘remove virus now’ option “it is redirected to an app in the Google Play Store with a somewhat questionable connection to virus removal. An experienced eye could easily foresee this tactic, though a child playing a game app is easy prey for such nefarious apps.”
In the fake premium service case, users are displayed an ad saying they will win an iPhone if they answer four simple short questions.
When the user answers the questions, the malware asks users to enter their phone number to receive the prize. The malware uses this number to register for premium services.
“We’ve removed the apps from Play, disabled the developers’ accounts, and will continue to show strong warnings to anyone that has installed them,” said a Google spokesperson.
Some of the popular games which are infected by AdultSwine are Fit Night’s Survival Craft, Drawing Lessons Lego Ninjago, Addon Pixelmon for MCPE, McQueen Car Racing Game, Shin Hero Boy Adventure Game, Paw Puppy Run Subway Surf.
Parents or users are advised to remove these apps immediately if installed on your device. For more details regarding infected apps, you can visit here.