Friday, December 13, 2024

Aggressive adware: PDF reader for Android with millions of downloads

Date:

IT security researchers at Malwarebytes have discovered aggressive adware on the Google Play Store that poses as a PDF reader. However, it also displays full-screen advertisements when users are not using it.

The app appears to be a pure slingshot of spam. Malwarebytes researcher reports that after installing it from the app store, it takes a few hours for the first ads to appear. Adware writers want to make it more difficult to track down the offending application. However, after a few hours, the smartphone even reports acoustically and plays a notification tone. After unlocking the screen, a full screen advertisement covered the screen; sometimes even promotional videos.

The logs showed that the adware developers’ own Ad SDK loaded and displayed these ads. Ad SDKs are pre-built ad libraries that app developers can connect to. They generally only display ads within the app being used, within acceptable limits, and generate revenue for the app developers; this is often what makes free versions of the app possible.

However, thanks to its own ad SDK, PDF viewer developers are not subject to the usual restrictions and therefore can display aggressive advertising. However, then it is an adware. That means the well-known category of malware.

However, some properties of the app are already negatively noted in the app store. Malwarebytes researchers find the name of the developer, for example fairy games suspicious: why would such a company develop anything other than games? In addition, the application was marked with the age group “Over 17 years”. A PDF reader shouldn’t have an age limit. have in the meantime ad app developers also adjusted this.

What is also striking is that with more than a million downloads, around 1,500 reviews were submitted, of which only five also contain a text. According to them, the application does not even display PDF files, but offers to save them. Other users complain about the spammy nature of the app.

Currently, the app can still be found on the Google Play Store and can still be installed. However, Android users should be aware if you have “PDF Reader: View Documents” by Fairy games on your phone. The package name is com.document.pdf.viewer. The malicious app can be quickly uninstalled through the app info or app list in the smartphone settings. In the Malwarebytes report there are some more details.

From time to time, apps with malicious intent appear in the app store. About a month ago, Google released eight apps with more than three million downloads from the store that scammed users into signing up for premium services. A week ago, Bitdefender detected 35 malware apps with more than two million installations, which Google subsequently banned from the Play Store.


(DMK)

to the home page

Ebenezer Robbins
Ebenezer Robbins
Introvert. Beer guru. Communicator. Travel fanatic. Web advocate. Certified alcohol geek. Tv buff. Subtly charming internet aficionado.

Share post:

Popular

More like this
Related

Practice Acrylic Nail Techniques Without Needing a Fake Hand

When you're starting your journey with acrylic nails, practice...

Inside the World of Common Snapping Turtles: Behavior and Habitat

The common snapping turtle (Chelydra serpentina) is one of...

How to Use Video Marketing to Promote B2C Products?

Video marketing has emerged as a powerful tool for...

Adapting to Change: The Future for Leopard Tortoise Environments

Leopard tortoises, known for their striking spotted shells and...