Security firm Check Point today revealed it had discovered malware on the Google Play store disguised as childrens games — malware that gives kids ads not suited for their age group. Checkpoints report on the malware warns it shows pornographic ads which would obscure the actual game, including one featuring a picture of Kim Kardashian — fittingly, the code is called AdultSwine. In some cases, the virus would prompt users to download fake anti-virus software. In others, it would try to trick them into entering their phone number. According to Reuters, the ads appear in apps with titles aimed at kids, like Drawing Lessons Lego Ninjago. Im assuming the thought process is that kids will mindlessly click on a pop-up if they think it will get them back to the game faster — not that adults dont do that, too. The games named by the researchers have since been removed from the Google Play Store, though Check Point warns that it likely wont be the last time parents see such malicious activity: Indeed, these plots continue to be effective even today, especially when they originate in apps downloaded from trusted sources such as Google Play. When asked for comment, Google emphasized that none of the malicious apps were part of its Family collection, nor were the ads from Google. According to a spokesperson: Weve removed the apps from Play, disabled the developers accounts, and will continue to show strong warnings to anyone that has installed them. We appreciate Check Points work to help keep users safe. Updated with new information from Google.
Google removes 60 apps packing the "AdultSwine" malware. Sixty games were booted off the Play Store after security firm Check Point discovered that they contained pornographic ads and malicious components. Before their removal, the games were downloaded between 3 million and 7 million times, according to the download metrics on the Play Store. The malware is dubbed "AdultSwine," and according to Check Point Research, it had three main features: The 60 listings in the Play Store were generally knockoff games, like "Five Nights Survival Craft." In some cases, the creator simply stole a real IP, as in "Drawing Lessons Angry Birds. " Once installed, the app would phone home, sending information about the user's phone and receiving instructions on how to operate. The app could hide its icon, making removal more difficult. Check Point says the malware could display ads from "the main ad providers" or switch to its own ad server, which provided porn ads, scareware ads, and ads that tricked the user into signing up for premium services. AdultSwine not only displayed ads while users played the game that came with the malware; it could also show pop-up ads on top of other apps. Google removed the apps once it was notified of them, telling the Financial Times, Weve removed the apps from Play, disabled the developers accounts, and will continue to show strong warnings to anyone that has installed them. We appreciate Check Points work to help keep users safe. Google does automated malware scanning of apps submitted to the Play Store, leading to a continual cat-and-mouse game of malicious developers working to beat the filters in various ways.