Third Party Android App Store Doling Out Adware

Users looking for “cracked” Android files are in danger of running into a site that is peddling apps that are more or less a ploy to garner advertising clicks from unsuspecting users. The site, getwapi.com, boasts a collection of free, yet crooked looking downloads for Android phones including audio apps, Java apps, wallpapers, games and more.

Users looking for “cracked” Android files are in danger of running into a site that is peddling apps that are more or less a ploy to garner advertising clicks from unsuspecting users. The site, getwapi.com, boasts a collection of free, yet crooked looking downloads for Android phones including audio apps, Java apps, wallpapers, games and more.

Naturally there’s a twist. After being downloaded and installed, each app installs the same executable “dex file” — the file that would normally carry the application’s program files, according to research from GFI Labs. After the installation, there is no program, instead a Leadbolt advertisement appears. Leadbolt, an Australian mobile adware firm, relies on clicks to make money and regularly bundles adware with Android programs.

In the app the user is asked to wait 170 seconds or “click the advisiting for instantly download.” According to GFI, the fractured grammar is a scam to get users to hurriedly click the advertisement and in turn, earn money for the scammer.

According to the company’s Junior Threat Researcher Randall Griffith, even if a user were to click the ad, they’d still have to wait for the timer to count down. After waiting, users would not be able to download the app they intended and instead, according to Griffith, an error box pops up and the user is sent through the LeadBolt ad.

Even though most phones are programmed to forbid the installation of third party apps, alternative app stores like GetWapi continue to be a thorn in the side of Android security.

Last month Google introduced the Private Channel for Google Play in an attempt to help curb the further installation of potentially malicious applications. Organizations can now control which apps show up in the Private Channel and what can be installed on their employees’ devices. The step is one of the first by the company to help users stave off the installation of dangerous third-party applications and malicious apps that may have slipped past Google Play’s security checkpoint.

Suggested articles

Discussion

  • Jan on

    My trusty gingerbread android thingy won't load google play, being locked for most practical purposes to the SlideMe market. The only way to get it to do anything useful is to find the APK file somewhere else. I'd get my APK's from Google, but they won't let me, since the manufacturer didn't kow tow in the right way.
  • Pragyaware on

    After reading your blog i get aware about third party app store that they use adware when we download an android and Java app from their. When we download any app from their an adware is start downloading along with it.

     

     

Subscribe to our newsletter, Threatpost Today!

Get the latest breaking news delivered daily to your inbox.