Flashlight App Spews Malicious Ads

Not all Android phones come with a built-in flashlight feature in its operating system. Users would have to download flashlight apps to have this utility on their phone. Chances are, these apps will come with updates and ads. Imagine that, flashlights with updates and ads. And while this may seem normal with how apps operate, one flashlight app that’s available in Google Play shows ads that goes beyond the annoying and tells users that their mobile unit is infected with malware.

Super-Bright LED Flashlight on its own is a safe application. However, when a user runs the app, a webpage opens and tells that their device is infected with malware and has a broken battery. The webpage also advises users to install an Android optimizer and anti-virus app to resolve these issues. When we checked the app, the ad was not part of its routine.

ransomware_screenshots

Figure 1.Warning window launched when using the app

Virus is found in your Sony Xperia Z5 device and the battery is infected with virus and become broken.

4 minutes 42 seconds

How to repair the battery:

Step 1: Click the button below, then go to Google Play Store to install the recommended anti-virus application for free

Step 2: Launch the application, clean all virus and fix the battery

Step 3: Keep this application at least 3 days to clean all virus completely and avoid further attacking.

Text in the button: “Clean Battery Virus Now”

Trend Micro detects Super-Bright LED Flashlight as AndroidOS_FlightAd.A . According to the app’s download page, it has already been downloaded by 6 million users. As much as users are affected by this blatantly misleading ad, it is just as harmful, if not, even more damaging for the app itself. Users have already pointed this issue out and are lashing out by giving the app the lowest possible ratings, accompanied by negative reviews.

ransomware_screenshots

Figure 2. Recent reviews of Super-Bright LED Flashlight

In these cases, developers such as Surpax Inc. are not entirely at fault. Again, they were not the ones who made the false ad. However, it should be their responsibility to monitor the ads shown in their application. If they don’t, it may lead to materials such as the one appearing in the flashlight app. In even graver cases, these ads may scare or trick users into downloading malware. Trend Micro has contacted Google Play and other app stores where Super-Bright LED Flashlight is available, advising them of this issue. Mobile users should be careful with mobile ads in general. At the same time, app developers should be aware of incidents that may harm their product’s reputation. When choosing an ad network, developers should do their due diligence before allowing ad networks to put up possible harmful ads. The malicious quality of these apps may lead to blacklisting of the app, depending on its severity.

For users, we advise the installation of a trusted security software in their mobile devices to protect it from malicious apps and threats. Trend Micro Mobile Security and Trend Micro Mobile Security Personal Edition protects users from this threat and other related threats. Trend Micro Mobile Security Personal Edition is available on Google Play.

Additional SHA1s for related files:

  • C97D54AA5BAF13E6113082F5C481E0A08F398925

With additional insight by Michael Hwang

 

 

Post from: Trendlabs Security Intelligence Blog – by Trend Micro

Flashlight App Spews Malicious Ads

from TrendLabs Security Intelligence Blog http://ift.tt/1Xucr5s

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s