From CNET: Hundreds of apps were packed with adware that could compromise your phones, researchers found.
Security researchers from Check Point found malicious code in 210 Android apps on the Google Play store, that had been downloaded nearly 150 million times. The malware was hidden inside a software development kit (SDK) on these apps, which was used for advertising purposes.
The infected apps were able to display background ads, open the browser to any page, and download more malicious apps from either the Google Play store or a remote server, Check Point's researchers said. The new browser page could lead to phishing websites -- with pages that look real but are designed to trick people into revealing their login credentials.
There was also code on the SDK that allowed the malicious app to delete its own icon, making it harder for victims to delete.
While these apps were fully capable of all this, the only malicious activity they had seen it doing was showing ads, Jonathan Shimonovich, a group manager at Check Point, said in an email.
View: Article @ Source Site