in

Anti-Fraud Analyst Evina Detects Venus Malware On Google Play App Store

French anti-fraud solutions provider Evina discovered malware on the Google Play app store that has been downloaded more than 285 000 times by mobile users in 11 African and European countries.

The malware, dubbed Venushas been detected in eight apps so far and takes the form of a family of Trojan bots that have now made their way into Belgium, France, Germany, Guinea, the Netherlands, Morocco, Poland, Portugal, Senegal, Spain and Tunisia.

Venus malware – What you need to know

What does the virus do?

Of the eight Venus malware apps that were discovered by Evina, only one has been removed from the Play Store after being downloaded more than 100 000 times. Evina’s advice for mobile users is to avoid flashlight, scanner and wallpaper applications.

The purpose of the Venus malware – that has been attacking users since October – is to stimulate interaction with adverts and subscribe to premium services without the mobile user noticing. 

“The user’s browser is invisible during the interaction which makes this latest global mobile fraud particularly effective,” Evina security analyst Maxime Ingrao said.

Evina helped penetrate the veil of secrecy around Venus by building a honeypot around a network of 3G SIM card proxies. It was soon noticed that data allowances were being rapidly consumed by certain apps.

Codes of the apps were analysed by Evina engineers who soon encountered protected as well as missing files which together create a suspicious combination.

“This bot family are super smart as they never attack on the first day of installation and wait for the right time to launch more than one invisible browser,” said Ingrao.

Fraud on mobile phones

Anecdotal evidence suggests that fraudulent payments on mobile phones were on the rise. 

“By ensuring secure mobile payment, we are ensuring the long-term sustainability of mobile monetisation,” said Evina CEO David Lotfi.

He said that fraud on mobile phones was growing and that many anti-fraud solutions available were not suited to digital monetisation as they block genuine conversions and slow down or complicated user paths. 

“Once again, we see that mobile fraud doesn’t have borders. The only way we will stamp out the fake clicks and installs that threaten the profitability of the world’s entire mobile ecosystem, is to implement effective anti-fraud technology at API level,” said Lotfi.

Loading...

Written by Mathew

[g1_socials_user user="12" icon_size="28" icon_color="text"]

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Rare Scotch Whisky Set To Fetch R29 Million A Bottle In Epic Auction

5 Ways Business Travel Could Change In 2020