Details on the Android Apps Removed

Google has made major changes to the Play Store, including the removal of more than 500 Android apps from the marketplace, after discovering that advertising software used by the apps was being exploited to install spyware on mobile devices. The decision came after researchers from Lookout, a cyber-security firm, pointed out that spyware was being spread to handsets through various advertising means. The spyware in the Android apps can covertly siphon users' personal data from their devices without alerting either the user or the app maker. As a result, many of the app developers were unaware of the security issues.

The Nature of the SDK Issue

The common denominator was that all of the affected Android applications used a software development kit (SDK) that helps firms target people with in-app ads according to individuals' preferences, as obtained from their user data. The Lookout researchers also found that the Igexin advertising SDK within the apps caused them to communicate with external servers that had been confirmed to serve malware. It may be usual for apps to communicate with external servers in this manner, but the research firm noticed an incident in which an app seemed to mysteriously download large encrypted files from the same servers. That meant hackers were taking advantage of a bug within the SDK protocols that would spread corrupting or infiltrative software after the app was installed on a mobile device.

This is not the first time that Google has purged apps from the Play Store. Earlier in the month, both Apple and Google removed over 330 trading applications from their online platforms after a review by the Australian Securities and Investments Commission discovered that a number of the operators did not have the licenses required to operate these financial apps. The apps also did not mention the financial risk to users.

Details on the Android Apps Removed

One thing is for sure: it had nothing to do with reputation or popularity. There was a weather app, for example, that was downloaded millions of times, and an internet radio app with similar download figures. According to Lookout, Android apps specializing in health, travel, and education were prone to the SDK vulnerability. Apparently, the Igexin SDK was found in many apps across all of the categories on the Play Store. This is likely, considering that Igexin is an SDK that allows developers to generate revenue through targeted advertisements. Particular Android applications had a bigger probability of using the Igexin SDK than other application types, though it is probably one of the larger advertising services. To generate revenue for the developer, it would collect a lot of information on users. Collecting this information allowed the SDK to direct targeted advertising according to the interests and browsing history it had picked up on.

The most exploitative function within the Igexin code is log exfiltration, which allows hackers to steal all manner of personal information from users. Even though Google kept the majority of the 1.4 billion users safe from a variety of malicious software, some of it still leaks into its official store. Although the offending Android applications have been removed, many of the users who downloaded the malicious applications are unlikely to be aware that they were potentially at risk: Android apps lack a recall facility, so developers have to hope that users follow their instructions to update the applications.
