Thursday, June 04, 2015
Why can't Google Play prevent Dubsmash porn clicking malware?
The free app allows users to create selfie videos mashed up with music, and has been targeted by malware authors to act as a hidden 'porn clicker' app on numerous occasions over the last few weeks. The latest comes in the form of an app claiming to be 'Dubsmash V3', containing the same malware family, and has already been removed by Google. The app deletes its own icon after it has been run and the user quits the application, but then continues to run as a hidden background process where it will be loading web pages and clicking on advertising in order to generate revenue for the people behind it. The latest iteration of the malware app was downloaded around 5,000 times before Google spotted it. This begs the question: why can't Google deal effectively with such a malicious app which is using the same malware family variants and uploading them with similar application names under different developer accounts? It's hardly the act of a criminal mastermind, yet it seems to be having quite some success.