
KenSoul.TV Group


Programmer Calls Out iOS As Adware


From 2018 to 2019, cybersecurity company Malwarebytes reported a 13% increase in consumer adware detections and a 463% increase in business adware detections, making adware its number-one malware category to watch.

Adware, also known as advertisement-supported software, is a type of software that displays ads. Adware can infect both desktop and mobile devices, including Macs, PCs, Androids, and iPhones. It sounds harmless enough, but some types of adware go to great lengths to turn your device into an advertising machine, such as:

This is a list of known malware (including spyware, adware, trojans, viruses, worms, and similar tools) that have targeted iOS, including jailbroken iOS. The dates are approximate dates when people discovered, publicized, or started discussing the tool.

A tweak developer who went by various names (Felix, FelixCat, isoftjsc, Martin Pham, Nitram88, Nobitazzz, Nobita.ZZZ, Sara_Nobita, sara_nobita_zzz, tuyentq2009, vietSARA) included adware in his tweaks. These included many free packages along with some paid packages sold via the Cydia Store, mostly distributed by default repositories (until the problem was discovered). The adware ran ads in the background of iOS, displaying them off-screen so that the user wouldn't notice them, with the revenue from those ads going to the tweak developer. This was first reported in August 2012 on the ModMyi forum and analyzed in September 2013 (discussion on Reddit).

Muda (also called AdLord), discussed by Claud Xiao, is a form of adware for jailbroken devices. It has been in the wild at least since October 2013. He writes: "It spreads via third party Cydia sources in China, and only affects jailbroken iOS devices. Its main behaviors include to display advertisements over other apps or in notification bar, and to ask user downloading iOS apps it promoted."

The Youmi advertising SDK, mostly used by Chinese App Store developers, was discovered by SourceDNA to be abusing private APIs in order to collect more personal information than is allowed by Apple's security and privacy guidelines, including the list of apps installed on a device, the serial numbers of the device and its internal components, and the user's Apple ID email address. Youmi exploited a weakness in the App Store review process and evaded detection by obfuscating private API calls using simple string manipulation. 256 apps with an estimated 1 million downloads were found to be affected, including the official Chinese McDonald's app.

We identified 42 apps on Google Play as belonging to the campaign, which had been running since July 2018. Of those, 21 were still available at the time of discovery. We reported the apps to the Google security team and they were swiftly removed. However, the apps are still available in third-party app stores. ESET detects this adware, collectively, as Android/AdDisplay.Ashas.

All the apps provide the functionality they promise, besides working as adware. The adware functionality is the same in all the apps we analyzed. [Note: The analysis of the functionality below describes a single app, but applies to all apps of the Android/AdDisplay.Ashas family.]

First, the malicious app tries to determine whether it is being tested by the Google Play security mechanism. For this purpose, the app receives from the C&C server the isGoogleIp flag, which indicates whether the IP address of the affected device falls within the range of known IP addresses for Google servers. If the server returns this flag as positive, the app will not trigger the adware payload.

Because the real nature of apps containing adware is usually hidden to the user, these apps and their developers should be considered untrustworthy. When installed on a device, apps containing adware may, among other things:

Trend Micro reported that some of the apps served on Haima have millions of downloads, including Minecraft PE (68 million), Terraria (6 million), QQ (45 million) and Pokemon GO (1 million). On a different third-party app marketplace, Vietnam-ba
