Sixteen Android apps downloaded more than 20 million times have been found to be infected with the new Clicker malware, which facilitates mobile ad fraud, reports The Hacker News.
Clicker malware impersonates camera, QR code converter, note-taking, currency/unit converter, and dictionary apps, with "High-Speed Camera" and "Smart Task Manager" being the most prevalent malicious apps, a report from McAfee revealed. Installation and execution of the malicious apps prompts bogus website hopping and ad click simulation by the malware without the knowledge of victims.
Moreover, Clicker malware does not commence malicious activity within the first hour of the app's download and includes a randomized delay in an effort to remain stealthy.
"Clicker malware targets illicit advertising revenue and can disrupt the mobile advertising ecosystem. Malicious behavior is cleverly hidden from detection," said McAfee researcher SangRyol Ryu.
Google has already removed all of the reported malicious apps from its Play Store.
Fifty percent more distributed denial-of-service attacks have been launched by threat actors during the first quarter of 2024 over the same period last year, with thwarted DDoS attacks increasing by 93% year-over-year, SiliconAngle reports.
Security Affairs reports that attacks with an updated iteration of the LightSpy iOS spyware using the "F_Warehouse" framework have been deployed against Southern Asian targets as part of a new cyberespionage campaign.
Operations of Russia's industrial sensor and monitoring infrastructure were claimed to have been disrupted by Ukrainian hacking operation Blackjack following a Fuxnet malware attack against Moscow-based underground infrastructure firm Moscollector, reports SecurityWeek.