Get in touch now on

+61 7 3480 5121

Google Play Removes 22 Malicious ‘LightsOut’ Apps From Marketplace
05 January, 2018
This post was originally published on this site

Nearly two dozen Android flashlight and related utility apps were removed from the Google Play marketplace after researchers found a malicious advertising component dubbed “LightsOut” inside them. In total, the apps were downloaded between 1.5 and 7.5 million times.

Security researchers at Check Point researcher discovered the family of malicious apps that “generated illegal ad revenue” via tricking users into viewing and clicking on ads displayed on their mobile phones.

“As some users noted, they were forced to press on ads to answer calls and perform other activities on their device,” wrote Check Point in a blog post outlining its research on Friday. “Indeed, another user reported that the malicious ad activity continued even after he purchased the ad-free version of the app.”

Check Point researchers discovered the apps in November on Google Play and within a week of notifying Google of the malicious activity all 22 apps were removed. The oldest of the apps booted first appeared on Google Play in Sept. 2017.

Researchers said developers used the malicious APKs, identified as Solid SDKs, and malicious code called LightsOut in a wide range of Android utility applications. The most popular was a smartphone call recording app downloaded 5 million times and an app that saved wifi login credentials, which was downloaded 500,000 times.

Researchers suspect the malicious app developers were able to trick Google Play Protect, which scans both new and existing apps for malware, spyware, and trojan viruses, because each of the apps’ permissions were transparent to the user when installing.

“LightsOut is seemingly legitimate since it requests permissions from the user to provide different services, and allows him to approve or disapprove these services and accompanying ads,” researchers wrote.

However, what victims didn’t anticipate was LightsOut’s ability to use scripts to override a user’s decision to disable

read more ...

What our
Clients say

Product Finder

Search for products that match of these criteria:

 + Add row
System Diagnostic

  • Do you have five or more computers?
  • Do you have a server?
  • Is your data critical to your business?
  • Do you think IT could perform better?
  • Are you concerned about your IT security?
  • Do you need to be kept up to date?
  • Would you like your IT maintained?
Product Finder

Search for products that match of these criteria:

 + Add row



Phone:07 3480 5121

Address: 8 - 37 Flinders Parade, North Lakes

QLD 4509 Australia

Post: PO Box 128, Burpengary

QLD 4505 Australia