adware
Latest
Hackers are already targeting Apple's M1 Macs with malware
A security researcher found adware that was specifically designed for the new processor.
Google is cracking down on apps with 'disruptive' ads
Google's Play Store is a pretty open platform. While that can be a good thing for users and app developers, some bad actors can take advantage, either through malware or obnoxious ads. Today, the company announced that it has removed nearly 600 apps from the Play Store -- and has banned them from its ad monetization platforms -- because they repeatedly violated Google's disruptive ads policy. Unfortunately, those apps have already been installed over 4.5 billion times, according to BuzzFeed News.
Sneaky tactics lead to millions of malware-laden Android app downloads
Reports of malware-laden Android apps with millions of downloads are becoming a monthly occurrence. Google recently removed 25 more apps from the Play Store after Symantec discovered that they shared similar malicious code structure. These apps, which seemed like benign photo and fashion apps, were downloaded by users over 2.1 million times.
Google pulls 85 Android apps with particularly obnoxious adware
Google has removed 85 apps from the Google Play store after security researchers at Trend Micro found a particularly annoying adware scheme hiding inside.The adware, called AndroidOS_Hidenad.HRXH, was embedded in fully functioning photography and gaming apps that were installed over 8 million times. The apps exploited common Android functions to detect when the user unlocked their phone, triggering ads that were typically five minutes in length and were difficult to skip. They would also replace their icons on the home screen with a shortcut so that even if the user dragged what they thought was the app into the trash, the app would remain functioning on the phone.
Facebook sues two app developers for click fraud
Facebook has filed a lawsuit today against two Android app developers for infecting their users with malware that faked clicks on ads. Both the Hong Kong-based JediMobi and the Singapore-based LionMobi were a part of the social media giant's Audience Network. The program lets Facebook's advertisers host their ads on participating mobile apps, whose developers receive a payout if a user clicks through. In the case of JediMobi and LionMobi, Facebook alleges that many of ad clicks generated through their apps weren't from an actual human.
'SimBad' Android adware was downloaded nearly 150 million times
As much as Google has done to keep malware out of the Play Store, some notable examples still get through. Google has pulled 210 apps from the store after Check Point researchers discovered that they were infected with the same strain of adware. Nicknamed "SimBad" based on the abundance of infected simulator games, the code hid in a bogus ad-serving platform and created a back door that could install rogue apps, direct users to scam websites and show other apps in stores. Check Point believes the apps' developers were tricked into using the platform.
That 'Fortnite' cheating app is probably hiding malware
Malware writers and scammers love to exploit demand for popular games to ensnare unwitting victims, and that's truer than ever for a near-ubiquitous game like Fortnite. Rainway has discovered malicious Windows adware hiding in a cheat that promised both an aimbot and free in-game V-Bucks. Install it and it immediately alters Windows to serve its own rogue ads, creating a man-in-the-middle attack (with Rainway as an unwitting participant) by loading its own root certificate and routing all internet traffic through a proxy.
Report finds Android malware pre-installed on hundreds of phones
Even if you're careful about avoiding sketchy websites and apps, there's nothing you can do if your smartphone has malware built in. That's actually the case with hundreds of different smartphones, according to Avast Threat Labs. The researchers found adware installed mostly on devices not certified by Google from manufacturers like ZTE, Archos and myPhone. Users with affected phones will see popup ads and other annoying problems, and because the adware is installed on a firmware level, it's incredibly difficult to remove.
Android malware found inside seemingly innocent QR code apps
Google is getting better at keeping Android malware out of the Play Store, and that's leading attackers to use more sophisticated disguises for their rogue apps. SophosLabs has proof: it just detailed a recent ad-spawning malware strain, Andr/HiddnAd-AJ, that slipped into Google Play through innocent-looking QR code and compass apps. While that's nothing new by itself, the malware used a pair of tricks to feign innocence. The hostile code was buried in what looked like a regular Android programming library, and it didn't kick in until 6 hours after you've installed it.
Verizon flirted with more bloatware for its devices
Engadget parent company Verizon apparently wants to litter your phone with even more crap you don't want. Pre-installed apps from its brand partners would arrive with your new handset from Big Red, according to a report from AdAge. The publication's sources say that it'd cost advertisers between $1 and $2 per device. Verizon supposedly started pitching the idea to retail and finance companies late last year. Apple's tight grip on how iOS works means that this would only be available to Android customers, where the apps would download automatically when a new handset was activated.
New strain of Android malware is 'virtually impossible' to remove
Do you remember the bad old days of computer viruses so invasive that it was easier to nuke your software and start over than fix the problem? They're back... in mobile form. Lookout has noticed a trend toward Android malware that masquerades as a popular app, but quietly gets root-level access to your phone and buries itself deep in the operating system. If that happens, you're in serious trouble. Unless you can walk through loading a fresh ROM or carefully modify system files over ADB, it may be easier to just replace the device, or have your phone company reflash it -- a simple factory reset won't get the job done. Some of the bogus apps are little more than shells for ads, but others will work properly while they compromise your device.
Adware found in MacUpdate's Skype Installer package
Long-trusted software site MacUpdate has apparently gone the way of its competitors: It has been tainted by adware. A Twitter user tried to download a Skype Installer package from the site and discovered that all was not as it appeared. The file looks normal at first and when opened you're prompted with a user agreement that people generally just click past, but it's here that gives the installer the right to change browser settings and add a "search-assist" browser extension. This type of software-trickery is identical to those used by InstallCore adware and as soon as the Skype agreement is confirmed, an InstallCore browser is added to Safari. It's usually wise to download software from the developer's site but the appeal of MacUpdate was that it acted like a one-stop-shop of sorts, carrying with it a strong reputation for reliable downloads. Now, with this news coming to light, maybe it will have to be added to the boycott list right under Download.com and Softonic.
A fight is brewing over ads in the 'open-source Photoshop'
Far from just being that character in Pulp Fiction, GIMP is also an open-source alternative to Photoshop that's given away freely for all to use. Unfortunately, there's been a kerfuffle between the project's creators and SourceForge, one of the places that the software is available to download. The latter stands accused of adding for-profit adware to its version of GIMP, which is a big no-no amongst the free and open-source software community. In a posting to Google+, SourceForce is alleged to have frozen out GIMP for Windows rep Jernej Simončič and subsequently injecting malicious code into the build to trap unwitting users.
Your free Android apps talk to thousands of ad sites
If you've used ad-sponsored Android apps, you've probably wondered where those ads are coming from, and whether or not there's anything to be worried about. According to French researchers, you have a reason to be cautious. They've found a way to automatically scan Android apps for connections to advertising and user tracking sites, and some of those programs are more than a little dodgy. A selection of 2,000 free Google Play apps connected to a whopping 250,000 sites spread over 2,000 domains. Most of them talk to only a handful of sites (Google's ad services dominate the top 10), but 10 percent connect to 500 or more -- one egregious offender links to over 2,000 sites. Only 30 percent of the apps talked to user tracking sites, but some of those were communicating with 800 or more addresses.
Google shows how it fights apps that insert unwanted web ads
It's bad enough when apps add unwanted toolbars and buttons in your browser, but it's especially irksome when they inject ads. It's no fun to have a technical support scam interrupt your web reading, after all. Google clearly hates this rogue software as much as you do, though, as it just outlined what it's doing to fight ad injectors. In Chrome, the company's tougher extension rules and malware blockers theoretically prevent code from inserting ads without your say-so. Google is also refining its techniques for catching bad extensions, and its AdWords policies prevent advertisers from offering shady downloads.
Oracle's now dumping Java crapware bundles on your Mac, too
Since megayachts aren't going to buy themselves, Larry Ellison's Oracle has been picking up extra cash for years by slipping adware to Windows users via its ubiquitous Java software. If you felt smug because you were on a Mac, guess what! Installing Java on your OSX-equipped MacBook could now lead to an unexpected encounter with the dreaded "Ask.com" toolbar, too. Though not as dangerous as SuperFish, the program will hijack your browser's search functions and delivery iffy, ad-laden results while being tricky for neophytes to remove. If you don't pay attention during installation, you can easily end up with it, as you need to purposefully opt out to avoid it.
Lenovo strips some of the unwanted software from its PCs
Lenovo said it was rethinking its approach to pre-loaded software on PCs in the wake of the Superfish security fiasco, and it's now clear that the computer maker wasn't kidding around. It's promising that its home PC software bundles going forward will be limited to Windows, in-house apps and security software. The only exceptions will occur in certain countries, where some third-party apps are "customarily expected." That IdeaPad or Yoga won't be truly bloatware-free (that would limit you to Windows alone), but a lot of the annoying and potentially dangerous cruft will be gone. Just be prepared to wait a while before you see leaner, cleaner Lenovo computers. The system builder is starting to tidy things up right away, but its effort won't be in full swing until Windows 10 arrives.
Lenovo wants cleaner software bundles to avoid security disasters
Lenovo was quick to stop preloading Superfish and clean up its immediate PC security problem, but what about preventing problems going forward? Well, you can relax a little -- the company is thinking about the long term. In an open letter, technical chief Peter Hortensius reveals that Lenovo is investigating a "wide range of options" to avoid software that poses a threat to your data. Among its choices are preloading a "cleaner" software bundle (definitely our pick) and consulting with both security experts and regular users to determine what programs it should use. The computer builder doesn't have a firm plan of action yet, but it's promising one by week's end -- while you probably won't see truly bloat-free Lenovo PCs, your next IdeaPad or Yoga should have a bit less cruft.
Daily Roundup: build your own PC, Lenovo adware and more!
Are you thinking about putting together a new PC? Check out our handy guide to help get started. In other news, some Lenovo PCs have been found shipping with factory-installed adware, Sony could scrap its mobile business and a new lawsuit filed against Apple alleges that the company poached a number of engineers for an electric car battery project. All that and more can be found just past the break.
Lenovo will stop preloading Superfish adware on PCs
Lenovo found itself in a bit of hot water when some customers started noticing weird sponsored links in the search results on their brand-new PCs. The culprit it turns out was a little piece of adware called Superfish the company was shipping on laptops. The company listened to customer complaints and turned off the server-side portion of the app in January. It also stopped preinstalling Superfish on new machines around the same time. While Lenovo said originally that it had "temporarily removed" the software from new machines while its developers worked on an update to address concerns, it now says that it will not preload the software ever again.
