ContactsContract is the contract between the Contacts Provider and applications. For this, Google provides ContactsContract class. The Contact Provider is the source of data you see in the device’s contacts application, and you can also access its data in your own application and transfer data between the device and online services. Because it is the link to Google Play distributed through legitimate social media, users will download it without a doubt. To promote these apps to new users, the malware authors created advertising pages on Facebook.
These services also induce users to run an app when they install, uninstall, or update apps on their devices.įigure 4. The Malware hides itself by changing icons and namesĪutomatically executed services constantly display advertisements to victims in a variety of ways. Change their icon to a Google Play icon that users are familiar with and change its name to ‘Google Play’ or ‘Setting.’ Figure 2. In addition, they try to hide themselves to prevent users from noticing and deleting apps. When you install this malware on your device, it is executed without interaction and executes a malicious service.
But you may have to change your mind because of this malware. Users may generally think installing the app without executing it is safe. They exist on Google Play even though they have malicious activities, so the victim can search for the following apps to optimize their device. In addition, they run malicious services automatically upon installation without executing the app. However, this malware hides and continuously show advertisements to victims. Most of them are disguising themselves as cleaner apps that delete junk files or help optimize their batteries for device management. McAfee’s Mobile Research Team has identified new malware on the Google Play Store.
0 kommentar(er)
