Malicious flashlight apps found on Google Play store
Whether you need to put your key in the lock on a dark night, or explore the depths of the cupboard under the stairs, having a flashlight app on your phone can prove useful.
But researchers at Check Point have discovered more than 22 different flashlight and utility apps harboring adware called, appropriately, 'LightsOut'.
The code, which generates illegal ad revenue for its perpetrators at the expense of unsuspecting users, is believed to have had more than 1.5 million downloads. Some users reported that they were forced to press on ads to answer calls and perform other day-to-day activities on their device. One user reported that the malicious ad activity continued even after purchasing the ad-free version of the app, taking the malicious behavior to a new level.
The malicious app offers the user a checkbox, as well as a control panel, in which they can enable or disable additional services, including the displaying of ads. The events that will trigger ads include establishing a Wi-Fi connection, ending a call, plugging in a charger or the screen being locked.
Even if the user chooses to disable these functions, LightsOut can override the decision and continue to display ads out of context. Since the ads are not directly connected to LightsOut's activity, the user is unlikely to understand what caused them, and even if they do, they won't be able to find the app's icon and remove it from their device.
Check Point has notified Google of the malicious apps which have now been removed from the store. You can find out more on the Check Point blog.