Discovered a Vietnamese student posting 42 Android apps containing malware on Google Play Store

ESET security researchers have discovered a student living in Hanoi, Vietnam who authored at least 42 applications containing adware malware to show ads to victims to make money from. them on the Google Play Store

Recently, ESET security researchers discovered a student living in Hanoi, Vietnam who authored at least 42 applications containing adware malware to show ads to victims in order to Make money from them on Google Play Store. Among them, there are applications that have been downloaded more than 8 million times. The new malware hidden on these Android applications is named as Ashas ESET.

Discovered a Vietnamese student posting 42 Android apps containing malware on Google Play Store Picture 1 — List of malicious applications detected by ESET, you should immediately remove from your computer if you are installing.

According to ESET, in the first versions, not all applications contained this malicious code. Therefore, this person did not hide his identity in those applications. This shows that it is possible from the beginning that this student intends to validate the applications business. However, that plan has changed and this person started injecting adware malicious code through application updates. However, the identity of the developer remains the same.

After infiltrating the app via updates, the Ashas adware malware works by displaying ads on full screen and even overlaying on other apps.

To avoid being detected, Vietnamese students carefully disguise the origin of these ads by imitating the logos of other applications such as Facebook and Google and showing them only after more than 24 minutes of user interaction. with an infected application.

Discovered a Vietnamese student posting 42 Android apps containing malware on Google Play Store Picture 2 — An application containing adware malware of Vietnamese students.

Discovered a Vietnamese student posting 42 Android apps containing malware on Google Play Store Picture 3 — ESET has tracked down Facebook of Vietnamese students who have posted applications containing adware.

ESET traced the student's personal accounts on GitHub, YouTube, and Faceboook from the email address he used to register domain names for adware.

For details on how ESET traces the author of this adware application, you can see it in the link below.

 https://www.welivesecurity.com/2019/10/24/tracking-down-developer-android-adware/

Discovered a Vietnamese student posting 42 Android apps containing malware on Google Play Store Picture 4 — The ads are disguised with logos of other apps and appear full screen.

Currently, applications containing this student's ad malware have been removed from the Google Play Store after ESET notified them to the Google security team. Even so, these apps still exist on third party app stores.

Victims hacked hackers' servers when they were caught paying ransom, rescuing thousands of other victims
New malware using web application has turned into a source of attack, very difficult to detect