HiddenAd
High-level Description
- Year: 2018
- Blog: https://nakedsecurity.sophos.com/2018/03/23/crooks-infiltrate-google-play-with-malware-lurking-in-qr-reading-utilities/
This malware application aims to push full screen ads to the user. The malware implements an alarm based on application launch, and boot/network system events to routinely leak device information to the malware developers server. It then retrieves commands from the server and disruptively pushes ads to the user. The malware dynamically registers device status system events that push ads disruptively to the user depending on the commands from the server.
Signature
The image of the signature can be downloaded here for closer inspection.