Cybervillains have started using a new technique to turn an undeserved profit: stealing legitimate Android applications and altering them to serve their evil purpose.
Kaspersky Lab experts came upon a situation where one of a popular developer's apps was stolen by another Android developer who modified its code and republished it as his own.
Jon Willis' ElectricSleep is an app that was originally intended to improve sleep quality with a smart alarm clock.
“ElectricSleep is an alarm clock that records your sleep cycles and wakes you up gently during a light sleep cycle. The sleep data it records is saved and analyzed so that you can understand and improve upon your sleeping habits,” reads the software's description.
After comparing the rogue variant of the app with the original one, the Kaspersky researcher immediately noticed signs of tampering, since the stolen version required permission to access the user's location, a permission normally not needed by an alarm clock.
In addition, the shady version also came with a Pay-Per-Install library from a company called AirPush.
AirPush specializes in pushing advertisements to end users through various apps, but the catch is that each of these ads actually generates revenue for the application’s developer.
Creators who rely on this library can earn up to $40 (28 EUR) for each 1000 impressions, which makes it clear why shady programmers would rely on it.
In order to detect potentially malicious apps, users are advised to check the permissions required by each application to function. If a simple utility requests access to areas that don't fit its profile, you're probably dealing with something that should be treated with suspicion.
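The comparison the researcher made, and the permission check recommended above, can be automated by diffing what two builds of an app declare in their manifests. The following is an added example, not code from Kaspersky Lab or from either app; it assumes both manifests have already been decoded to plain XML, uses constructed sample manifests with hypothetical package and class names, and goes one step beyond the article by also listing added components such as a bundled advertising service.

```python
import xml.etree.ElementTree as ET

ANDROID = "{http://schemas.android.com/apk/res/android}"
LOCATION = {"android.permission.ACCESS_FINE_LOCATION",
            "android.permission.ACCESS_COARSE_LOCATION"}
COMPONENT_TAGS = ("activity", "service", "receiver", "provider")

# Constructed sample manifests (hypothetical package and class names).
ORIGINAL = """<manifest xmlns:android="http://schemas.android.com/apk/res/android"
    package="com.example.sleepclock">
  <uses-permission android:name="android.permission.WAKE_LOCK"/>
  <uses-permission android:name="android.permission.VIBRATE"/>
  <application>
    <activity android:name=".AlarmActivity"/>
  </application>
</manifest>"""

REPACKAGED = """<manifest xmlns:android="http://schemas.android.com/apk/res/android"
    package="com.example.sleepclock.copy">
  <uses-permission android:name="android.permission.WAKE_LOCK"/>
  <uses-permission android:name="android.permission.VIBRATE"/>
  <uses-permission android:name="android.permission.INTERNET"/>
  <uses-permission android:name="android.permission.ACCESS_COARSE_LOCATION"/>
  <application>
    <activity android:name=".AlarmActivity"/>
    <service android:name="com.example.adsdk.PushService"/>
  </application>
</manifest>"""

def summarize(manifest_xml):
    """Return (permissions, components) declared in a decoded manifest."""
    root = ET.fromstring(manifest_xml)
    perms = {e.get(ANDROID + "name") for e in root.iter("uses-permission")}
    comps = {(tag, e.get(ANDROID + "name")) for tag in COMPONENT_TAGS
             for e in root.iter(tag) if e.get(ANDROID + "name")}
    return perms - {None}, comps

def diff_manifests(original_xml, suspect_xml):
    """Report what the suspect copy declares that the original does not."""
    o_perms, o_comps = summarize(original_xml)
    s_perms, s_comps = summarize(suspect_xml)
    added = s_perms - o_perms
    return {"added_permissions": sorted(added),
            "added_location": sorted(added & LOCATION),
            "added_components": sorted(s_comps - o_comps)}

if __name__ == "__main__":
    for key, values in diff_manifests(ORIGINAL, REPACKAGED).items():
        print(key, values)
```

A non-empty `added_location` list for an app whose function does not involve location is the same signal the researcher noticed by hand.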
Pay-per-install services are not illegal, but they are intrusive in most cases and can sometimes bring other pieces of malware along with them. The Market contains apps specially designed to detect and remove such software, which Android enthusiasts can rely on to make sure their gadgets are clean.