GFI Labs experts have issued an alert to warn users about a suspicious Android app market called GetWapi. At first glance, the site appears to offer all sorts of applications but, in reality, they all hide a piece of adware.
Regardless whether they download the YouTube app, the Facebook app, or various games, users are presented with the same dex file which calls a program named “Cracked App.”
Once installed, the app – which requests permission to access location, network communications, phone calls and system tools – starts pushing all sorts of advertisements via the LeadBolt ad network.
LeadBolt advertisements are highly intrusive, popping up even outside the application. Furthermore, it’s not an easy task to get rid of the ads without clicking on them and implicitly generating a profit for the developer.
GFI’s VIPRE Mobile security solution identifies Cracked App as Adware.AndroidOS.Leadbolt.