As the Coronavirus outbreak continues to take a devastating toll on lives and communities across the globe, tech giant Google has implemented strict measures to safeguard the Play Store by curbing malicious activities. However, Check Point’s researchers have found a new malware family ‘Tekya’ that was operating in 56 applications and downloaded almost 1 million times worldwide.
Tekya Malware, which aims at committing mobile ad fraud, imitates the user’s actions to click ads and banners from agencies like Google’s AdMob, AppLovin’, Facebook, and Unity, the team at Check Point Research has revealed.
The Check Point’s researchers have identified that 24 of the infected apps ranged from puzzles to racing games for children while other were utility apps like cooking apps, calculators, downloaders, translators, and so on.
The research states that the Tekya malware family was not detected by VirusTotal and Google Play Protect. This is how it made way in 56 applications that could have been downloaded through Google Play store.
Under this attack by Tekya malware, legitimate popular applications were cloned to gain an audience, where in it mostly targeted children’s games. Now the respite is that these infected applications have all been removed from Google Play.
However, Android users need to be more vigilant while downloading app via Google Play as the platform can still host malicious apps. Mind you! Check Point’s researchers have stated, “There are nearly 3 million apps available from the store, with hundreds of new apps being uploaded daily – making it difficult to check that every single app is safe. Thus, users cannot rely on Google Play’s security measures alone to ensure their devices are protected.”
Meanwhile, Google is also identifying vulnerabilities and protecting its users from phishing. Google’s Threat Analysis Group (TAG) works to counter targeted and government-backed hacking against Google and the people who use its products.
“Upon reviewing phishing attempts since the beginning of this year, we’ve seen a rising number of attackers, including those from Iran and North Korea, impersonating news outlets or journalists. For example, attackers impersonate a journalist to seed false stories with other reporters to spread disinformation. In other cases, attackers will send several benign emails to build a rapport with a journalist or foreign policy expert before sending a malicious attachment in a follow up email. Government-backed attackers regularly target foreign policy experts for their research, access to the organizations they work with, and connection to fellow researchers or policymakers for subsequent attacks,” said Toni Gidwani, Security Engineering Manager at Google’s Threat Analysis Group.
Asserting that Google’s Threat Analyst Group will continue to identify bad actors and share relevant information with others in the industry, the search-engine giant said that its goal is to bring awareness to these issues to protect the users and fight bad actors to prevent future attacks.
For the latest gadget and tech news, and gadget reviews, follow us on Twitter, Facebook and Instagram. For newest tech & gadget videos subscribe to our YouTube Channel. You can also stay up to date using the Gadget Bridge Android App.