Discovered advertising software for Android, which affected millions of users

Anti-virus company ESET reported the discovery in the app store Google Play long malicious cyber attacks, which killed millions of Android users.

It is Noted that we found only 42 applications that belong to this campaign to spread adware; half of them were still available at the time of detection. Responsible for security team of Google has removed these apps after notice to the company, but they are still available in third party stores.

These applications provide the promised capabilities — simple games, online radio, downloading video, but also work as adware, with shared functionality. In total, these malicious applications were downloaded 8 million times over the last year.

Top 5 countries affected by family Ashas

Applications use different tricks in order to get on the device victims and to remain unnoticed: for example, do not show any ads until, until the device is unlocked. If the user tries to find out which application triggers the ads, the program will impersonate Facebook or Google.

Also it is interesting how the family of Ashas hides its code under the name of the com library.google.xxx.

In the process of analyzing applications ESET experts noticed that the Creator of the malware has left many traces. The researchers tracked the developer using information from open sources. He was the operator and the owner of command server.