The popular computer security company Check Point has come across a new piece of malware that appeared on Google Play. This threat, named “Skinner”, is able to track the location and actions of users, as well as execute code on the affected device directly from its server.
The affected application, which had more than 10,000 downloads from Google Play, was removed by Google immediately after the prompt notice from Check Point.
According to Check Point, Skinner is one of the most advanced threats to have passed through the Android ecosystem. It uses innovative and precise techniques to affect victims’ devices, as well as evasion strategies so that neither the system nor the users can detect it.
The malware was reportedly found in an application that remained on Google Play for a little over two months. The application's name has not been specified, although its description relates to a game and entertainment theme.
As for its operation, the malware contains a malicious library that appears on the device once the infected app has been installed. Skinner also uses binary obfuscation methods to prevent the system from identifying it as a threat. Once the user performs an activity, and after checking that certain conditions are met, the malware runs and sends information about the device to the server, such as the location or the applications that are open.
Once all these conditions are met, the malware displays advertising that depends on the application that is running. According to Check Point, this is an innovative method that has not been seen so far in a threat of this kind. In this way, the malware's creators can earn more even while infecting fewer victims, since a user is much more likely to click on advertising if it is related to their interests.
As we said at the beginning, luckily, the application has already been removed from Google Play after the notice from Check Point. Even so, this is further evidence that even official app stores are not completely safe, and the best way to avoid being infected is to use common sense and not download applications that seem unreliable at first glance.