Cybersecurity firm blames Chinese developers for new malware that floods devices with unwanted ads
FireEye, a known cybersecurity firm, has just found that another mobile malware family has established a presence in more than 20 nations. The new malware, nicknamed Kemoge, works by flooding devices with unwanted advertisements.
FireEye discovered that Kemoge has been embedded in legitimate apps offered by third-party app stores. Users are tricked into installing the apps carrying Kemoge when they click the ads.
"This is another malicious adware family, possibly written by Chinese developers or controlled by Chinese hackers, spreading on a global scale that represents a significant threat," Yulong Zhang of FireEye wrote on the FireEye blog.
Once the hackers manage to upload the infected apps to third-party app stores, device owners are tricked into downloading them in the belief that they are about to save a legitimate app. Tech Times has pointed out that some apps have become even more aggressive by gaining root privilege. When this happens, the hackers are able to automatically install their infected samples on the devices.
Once Kemoge is launched, it collects the device's information, such as storage data and the unit's IMEI and IMSI. These details are then uploaded to an ad server. Afterward, the device owner is bombarded with multiple useless advertisements. Ad banners periodically pop up regardless of what the device owner is doing, sometimes even when the unit is on standby.
Kemoge has managed to stay hidden for so long because it has been successful in avoiding detection. The malware accomplishes this by running its malicious code for only a relatively short period of time once launched. In other cases, the software automatically launches its malicious code only 24 hours after it was installed.
The malware has also concealed itself successfully because it is usually repackaged into apps with names similar to those of common ones, such as Talking Tom 3, Calculator and Light Browser.