Some security experts from ‘SecureList by Kaspersky’ have noted that they have found a malicious code in one of the recent versions (3.17.18) of the Official APKPure app. The apps inside are not in themselves affected by malware, but the main client app for such a vast library of apps to be infected with adware makes it a very troubling issue.
Note: APKPure is not present in the Play Store, but it is, in itself, a very widely popular app store for old or discontinued apps outside the play store.
Here we have presented the complete discussions of Adware infections in different Play Store apps and other Third Party apps over time.
The Security Researchers from Kaspersky affirmed that they had contacted the developers of APKPure on April 8, and they promptly fixed it by releasing a newer updated version of the Client App (Version 3.17.19).
You can see the version history of the app here.
When the user opens the app, the payload will be decrypted and launched. Then, the user’s device information is sent to the C&C server. The Response from the user will enable the malicious code to:
- Show ads when the device is unlocked
- Open browser pages with ads repeatedly
- Load additional viruses, malware, or adware
Depending on what the user’s OS is and what sort of updates they receive, the adware can install extensions that can even control the whole device and become irremovable.
Similar Incident with CamScanner
The security experts from Kaspersky also had reported the same kind of threat with the popular PDF Creator app CamScanner.
They found a malicious dropper component in the app’s advertising library, labeled later by Kaspersky Solutions as Trojan-Dropper.AndroidOS.Necro.n.
The working process is almost the same as the APKPure one:
- To decrypt the code and executing it
- To download additional modules from different URLs
- To run the code, then
The developers of this app were also made aware, and they fixed the problem.
How safe are we?
Well, not that much. The blog of Kaspersky Solutions includes hundreds of posts regarding the findings of dangerous Viruses, Malware, or Adware sneaking into the apps and destroying user information or changing them as they want or using them. This is getting filthier day by day with more and more apps being infected. It looks like there is no escape from such actions.
That being said, we all can take up some measures to stay at least safer than most others:
- Never install anything from outside the Google Play Store. If you do, you are on your own.
- Never give apps the permissions without at least reading once what sorts of licenses they are asking for.
- Never make any app system administrator or give system privileges.
- Never make any third-party app default of anything.
- Always double-check your third-party app installation sources from verified bug reporting and malware reporting sites.
- If you can, always keep a paid antivirus for your Android.
- And at last, be careful of what the apps make you do!
Nobody can guarantee that an application/software/website is 100% safe or that a breach through the firewall is impossible. Even then, we know about the possible side effects of using a third-party app vs. an official app from the Play Store or, I know you people are reading this, App Store.
For not facing any unwanted situations, stay following us, stay updated, STAY SAFE.