Cyber security expert Check Point Software Technologies has revealed a new Adware strain on the Google Play store, which has infected over 200 applications and affected over 150 million users around the world.
Most of the infected apps were simulator games making mobile phone use unbearable for the user by constantly displaying ads outside of the application with no visible way to uninstall the incriminating app.
The malware, known as SimBad exists within in ‘RXDrioder’ Software Development Kit (SDK) which is provided by ‘addroider.com’ as an ad-related SDK. Once downloaded, SimBad has ad spamming, phishing and exposure to open market app capabilities therefore allowing the hacker to attack the user by performing spear-phishing tactics.
Acting as an Adware, SimBad already has the infrastructure to evolve into a much larger threat. Check Point Researchers believe the developers were unaware they were being scammed into using the malicious SDK and the attackers intentions were for mass corruption as they did not target a specific country.
Check Point Researchers notified Google of the vulnerability and while the infected apps have been removed, it crucial for organisations to invest in the best technology for protection against destructive software supply chain attacks.
