
Chinese Advertising SDK Caught Stealing Data From Android Devices

22/08/17

  12:37:00 pm by Admin, Categories: News, Security, Android 101

An advertising software development kit (SDK) embedded in many legitimate apps has been secretly siphoning user data and sending it to the servers of a Chinese company.

Developed by Chinese firm Igexin, the advertising SDK was found in over 500 apps that were uploaded to the official Google Play Store and had been downloaded over 100 million times across the Android ecosystem.

Investigation started after noticing suspicious API requests

Researchers say they got on the trail of the Igexin SDK after they noticed that known malware samples were being downloaded onto clean smartphones after the devices made a request to the Igexin API server.
Following months of investigation, researchers from mobile security firm Lookout discovered that Igexin developers were using legitimate SDK functions to send malicious commands to legitimate apps.

Based on the permissions the legitimate apps received from users during installation, Lookout says it observed the SDK collecting all sorts of data from users' devices, but mostly call logs.

The SDK also forcibly downloaded and ran code contained in large encrypted files. This code aided the malicious behavior.