Sixteen Android apps downloaded more than 20 million times have been found to be infected with the new Clicker malware, which facilitates mobile ad fraud, reports The Hacker News.
Clicker malware impersonates camera, QR code converter, note-taking, currency/unit converter, and dictionary apps, with "High-Speed Camera" and "Smart Task Manager" being the most prevalent malicious apps, a report from McAfee revealed. Installation and execution of the malicious apps prompts bogus website hopping and ad click simulation by the malware without the knowledge of victims.
Moreover, Clicker malware does not commence malicious activity within the first hour of the app's download and includes a randomized delay in an effort to remain stealthy.
"Clicker malware targets illicit advertising revenue and can disrupt the mobile advertising ecosystem. Malicious behavior is cleverly hidden from detection," said McAfee researcher SangRyol Ryu.
Google has already removed all of the reported malicious apps from its Play Store.
Malicious updates have been recently issued to the Python Package Index package "django-log-tracker," which was last modified in April 2022, to facilitate the distribution of the Nova Sentinel information-stealing malware, The Hacker News reports.