“LightsOut” malware found flashlight apps

Most of us do not install any android apps that do not come from Google’s Play Store. After all that is the only place from which we can 100% that the apps we download are safe, right?

Unfortunately, even Google’s official apps store can fall behind the latest cyber threats. On the 5th of January, Check Point research has identified 22 Flashlight apps (from Google Play Store) that had a malware hidden in them. Their findings show that the infected apps have been downloaded between 1.5mil and 7.5 downloads.

“LightsOut” embeds malicious code in seemingly legitimate flashlight and utility apps. This code can act in two ways:

  1. When the app is launched for the first time, the icon is hidden in order to make harder the process of getting rid of it.
  2. The app prompts the user with a checkbox and control panel. But these two are only a facade, in fact even if the uses chooses to hide the adds; the app will override that option.

We all know that most of these utility apps can be used for free, at the cost having some annoying apps appear here and there. It seems even after purchasing the paid version of the app, the adds would keep rolling.

Moreover, the adds will be displayed out of context. And since there is direct connection between the app and the adds, even if the user realizes what is happening; the app has already hid its icon.

The add would be triggered by actions that have no connection with the app, such as: charging the phone, ending a call, connecting/disconnecting from a WiFi connection, or locking your screen.

What is the aim of  “LightsOut”? To get as much revenue as possible form forcing users to interact with obtrusive adds that are triggered being trigger as often as possible.

Before downloading, a flashlight app, remember that almost all new android devices have that option already built-in. Swipe down to open the setting menu, and there should already be an option called “Torch”.  Although, it is not as fancy as the Flashlight apps, I am pretty sure you just want to use to look for your keys, and not power up a Rave Party.




One thought on ““LightsOut” malware found flashlight apps

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s