Scammers Used Google AdSense to Drop Malware on Android Devices

GOOGLE ADSENSE TARGETED BY MALWARE MIMICKING AS LOGIN PAGES OF POPULAR WEBSITES AND APPS

Keystroke logging malware has become the most dangerous threat for security firms and users alike. It is a malware that has the ability to sneak into a system and steal usernames and passwords. Previously this threat was limited to laptops and PCs but now this malware has spread to mobile devices as well.

This malware is designed in a way that it impersonates login pages of popular applications and websites so that users enter their user names and passwords comfortably. Once this is done, the malware further entices the users to enter other critically important (and useful for hackers) information including social media account credentials, banking credentials and other such private data. Needless to assume, the information is received automatically by attackers.

Now, the news is that this particular malware has eyes on Google AdSense network. This was confirmed by Kaspersky Lab, a renowned security firm. According to the firm’s analysis, the malware gets downloaded when certain Russian websites are visited by users. The malware is so advanced that it doesn’t even need users to click on the infected ads but instead, it asks for admin rights and attempts to steal user credentials via showing fake login pages. It also intercepts and deletes text messages. The malware is particularly effective on Android devices.

Kaspersky researchers believe that this malware is an “a gratuitous act of violence against Android users.”

Furthermore, the security firm stated that the reason why this malware is succeeding in deceiving users is that it shows them login pages of their favorite websites or apps. “By simply viewing their favorite news sites over their morning coffee users can end up downloading last-browser-update.apk, a banking Trojan,” stated Kaspersky researchers.

In an email, Google’s representative explained that the issue has already been resolved and that there isn’t any indication that more than one websites were affected by this malware.