100 million Android users potentially affected by spyware from free apps

Android users potentially affected by spyware

There has been a report that more than 500 Android apps from the Google Playstore that have been downloaded 100 million times are infected with a malicious ad library that secretly distributes spyware to end users and has been found to perform dangerous operations without the user knowing it.

These Android apps were found by the folks at Lookout to have been using an SDK dubbed Igexin. The SDK offer targeted advertising to app developers since most of the apps in the Google Playstore are free to download. Igexin has been found to mostly affect these kinds of apps:

Designed by a Chinese advertising firm, the Igexin SDK helps app developers to serve specifically targeted advertisements to its users to create revenue for their free to download app. That’s all well and good for free to download apps, but the Igexin SDK was spotted by Lookout communicating with strange IP addresses that deliver malware to users without the app developers knowing what’s happening.

If the device has been infected, Igexin can gather logs of user information, remotely install other plugins to the device that could potentially record call logs or reveal information about the end user.

Google has mostly removed the apps using the Igexin SDK for their targeted advertisements from the Playstore. You can protect yourself, however, using Google’s own Google Play Protect that comes built-in with the upcoming Android Oreo update in the near future.

Exit mobile version