SimBad, el malware para Android presente en 206 apps en Google Play

Juan Cascón Baños

hace 6 años

SimBad, el malware para Android presente en 206 apps en Google Play

Categorías: Destacada, Móviles, Seguridad, Tecnología

Los investigadores de seguridad del equipo Mobile Threat de CheckPoint han descubierto una nueva campaña de adware en la plataforma Google Play Store. El malware, llamado SimBad, fue encontrado en 206 aplicaciones del market y ha recibido casi 150 millones de descargas entre todas ellas.

Provoca una campaña masiva de ‘adware’ móvil por medio del cual se muestran anuncios fuera de la aplicación sin que exista posibilidad de desinstalar dichas aplicaciones.

Ya ha descubiarto como se producía al incluir SDK o kit de desarrollo de software RXDrioder, proporcionado por addroider[.]com como un SDK relacionado con anuncios, el que incorporaría el código malicioso a las aplicaciones desarrolladas con él.

Simbad es una vulnerabilidad descubierta por Check Point Software Technologies, empresa especializada en ciberseguridad, que puede provocar desde la aparición de cientos de anuncios, en el momento que se instala cualquier aplicación que contenga este ‘adware’, hasta el robo de los datos personales de la víctima, a través de estas ‘apps’.

Las actividades que SimBad puede desarrollar se dividen en tres grupos: la muestra de anuncios, ‘phishing’ -suplantación de una fuente legítima-, y la exposición de estos datos a otras aplicaciones. Este sistema consigue abrir una ‘url’ en un navegador, ya que el criminal detrás de este ataque genera páginas de ‘phising’ que abre en el navegador del usuario.

El atacante detrás del virus es capaz de aumentar sus beneficios abriendo las aplicaciones infectadas a través de una búsqueda mediante un palabra clave. Asimismo, puede instalar una ‘app’ para uso remoto desde un servidor a través de la cual lanzará nuevos elementos de ‘malware’.

Las 206 aplicaciones infectadas –principalmente simuladores– utilizan un Kit de Desarrollo de Software (SDK) malicioso para llevar a cabo estas operaciones, explica Check Point, y muestran características comunes como anuncios fuera de las aplicaciones, apertura constante de Google Play, inicio del navegador con enlaces generados por el desarrollador, ocultación su icono de inicio, o descarga archivos APK.

Aunque las aplicaciones se han identificado para Android, también están disponibles para iOS. Por ello, los usuarios Apple infectados deberán acceder al ‘Menú de Ajustes’, ir a ‘Safari’, en la lista de opciones seleccionar ‘bloquear pop-ups’, tras lo cual deberán ir a ‘Avanzado’, acceder a ‘Datos Website’, y una vez allí borrar todas las páginas que no sean conocidas.

Google ha eliminado de su tienda todas las aplicaciones afectadas tras recibir el aviso. Sin embargo es posible que estas aplicaciones maliciosas se encuentren disponibles en otros markets. Si tu smartphone tiene estos síntomas. por favor revisa las últimas apps instaladas y elimínalas. Debesacceder al ‘Menú de Ajustes’, seleccionar el ‘Gestor de Aplicaciones’, ir hasta la aplicación sospechosa y desinstalarla. En el caso de que no se encuentre, deberán borrar todas las aplicaciones instaladas recientemente.

Más información: SimBad: A Rogue Adware Campaign On Google Play

Os dejamos las lista de las apps infectadas. Si tienes alguna por favor quitala de tu móvil

Lista de aplicaciones infectadas por SimBad:

Nombre del paquete	Nombre App	Nº instalaciones
com.heavy.excavator.simulator.driveandtransport	Snow Heavy Excavator Simulator	10,000,000
com.hoverboard.racing.speed.simulator	Hoverboard Racing	5,000,000
com.zg.real.tractor.farming.simulator.game	Real Tractor Farming Simulator	5,000,000
com.ambulancerescue.driving.simulator	Ambulance Rescue Driving	5,000,000
com.heavymountain.bus2018simulator	Heavy Mountain Bus Simulator 2018	5,000,000
com.firetruckemergency.driver	Fire Truck Emergency Driver	5,000,000
com.farming.tractor.realharvest.simulator	Farming Tractor Real Harvest Simulator	5,000,000
com.carparking.challenge.parksimulator	Car Parking Challenge	5,000,000
com.speedboat.jetski.racing.simulator	Speed Boat Jet Ski Racing	5,000,000
com.watersurfing.carstunt.racing.simulator	Water Surfing Car Stunt	5,000,000
com.offroad.woodtransport.truckdriver	Offroad Wood Transport Truck Driver 2018	5,000,000
com.volumen.booster.equalizer	Volumen booster & Equalizer	5,000,000
com.ks.prado.Car.parking.race.drive.apps	Prado Parking Adventure	5,000,000
com.zg.offroad.Oil.tanker.transporter.truck.cargo.simulator	Oil Tanker Transport Truck Driver	5,000,000
com.monstertruck.demolition	Monster Truck Demolition	1,000,000
com.hummerlimotaxi.simulator.driving	Hummer taxi limo simulator	1,000,000
com.excavator.wreckingball.demolition.simulator	Excavator Wrecking Ball Demolition Simulator	1,000,000
com.offroad.gold.transport.truck	Offroad Gold Transport Truck Driver 2018	1,000,000
com.sea.animals.trucktransport.simulator	Sea Animals Truck Transport Simulator	1,000,000
com.water.surfingrace.motorbike.stunt	Water Surfing Motorbike Stunt	1,000,000
com.policechase.thiefpersecution	Police Chase	1,000,000
com.police.plane.transporter.game	Police Plane Transporter	1,000,000
com.ambulance.driver.extreme.rescue.simulator	Ambulance Driver Extreme Rescue	1,000,000
com.hovercraftracer.speedracing.boat	Hovercraft Racer	1,000,000
com.cars.transport.truckdriver.simulator	Cars Transport Truck Driver 2018	1,000,000
com.motorbike.pizza.delivery.drivesimulator	Motorbike Pizza Delivery	1,000,000
com.heavy.excavator.stonecutter.simulator	Heavy Excavator – Stone Cutter Simulator	1,000,000
com.bottle.shoot.archery.game	Bottle shoot archery	1,000,000
com.offroadbuggy.car.racingsimulator	Offroad buggy car racing	1,000,000
com.garbagetruck.city.trash.cleaningsimulator	Garbage Truck – City trash cleaning simulator	1,000,000
com.tanks.attack.simulator.war.attack	Tanks Attack	1,000,000
com.dinosaurpark.trainrescue	Dinosaur Park – Train Rescue	1,000,000
com.pirateshipboat.racing3d.simulator	Pirate Ship Boat Racing 3D	1,000,000
com.flyingtaxi.simulator.race	Flying taxi simulator	1,000,000
com.jetpackinwater.racersimualtor.danger	Jetpack Water	1,000,000
com.boostervolumen.amplifiersoundandvolumen	Volumen Booster	1,000,000
com.farmgames.animal.farming.simulator	Animal Farming Simulator	1,000,000
com.monstertruck.racing.competition.simulator	Monster Truck	1,000,000
com.simulator.offroadjeep.car.racing	Offroad jeep car racing	1,000,000
com.simulator.flyingcar.stunt.extremetracks.racing	Flying Car Stunts On Extreme Tracks	1,000,000
com.simulator.tractorfarming.driving	Tractor Farming 2018	1,000,000
com.impossible.farming.transport.simulator	Impossible Farming Transport Simulator	1,000,000
com.volumenbooster.equalizerboost	Volumen Booster	1,000,000
com.mustang.rally.championship.racingsimulator	Mustang Rally Championship	1,000,000
com.deleted.photo.recovery	Deleted Photo Recovery	1,000,000
com.race.boat.speedy	Speed Boat Racing	1,000,000
com.cycle.bike.racing.game	Super Cycle Jungle Rider	1,000,000
com.write.name.live.wallpaper.hd	My name on Live Wallpaper	1,000,000
com.maginal.unicorn.game	Magical Unicorn Dash	1,000,000
com.grafton.cycle.jungle.rider.race	Super Cycle Jungle Rider	1,000,000
com.lovecallingapps.lovecaller.Screen	Love Caller Screen	1,000,000
com.city.car.funny.racing.stunt.game.pro	Racing Car Stunts On Impossible Tracks	1,000,000
com.citycar.funny.racinggame.stunt.simulator	Racing Car Stunts On Impossible Tracks 2	1,000,000
com.urban.Limo.taxi.simulation.games	Urban Limo Taxi Simulator	1,000,000
com.cg.heavy.tractor.simulator.game	Tractor Farming Simulator	1,000,000
com.campervan.drivingsimulator.caravan	Camper Van Driving	1,000,000
com.bootleshoot.sniper	Bottle Shoot Sniper 3D	1,000,000
com.globalcoporation.fullscreenincomingcaller.app	Full Screen Incoming Call	1,000,000
com.mustache.beard.editor	Beard mustache hairstyle changer Editor	1,000,000
com.volumenbooster.increaservolumen	Volumen Booster	1,000,000
com.photoeditor.girlfriend.addgirlstophoto.pic	girlfriend photo editor	1,000,000
com.tracker.location.number.free.spy	Mobile Number Tracker & Locator	1,000,000
com.garden.editor.app	Garden Photo Editor	1,000,000
com.fortunewheel.game	Fortune Wheel	1,000,000
com.farming.transport.tractor.simulator	Farming Transport Simulator 2018	1,000,000
com.offroad.tractor.transport.drivingsimulator	OffRoad Tractor Transport	1,000,000
com.customwallpaper.mynameonlivewallpaper	my name on live wallpaper	1,000,000
com.flying.ambulance.emergency.rescue.simulator	Flying Ambulance Emergency Rescue	500,000
com.mustang.driving.car.race	Mustang Driving Car Race	500,000
com.waterpark.carracing.simulator	Waterpark Car Racing	500,000
com.impossibletrucks.extremetrucks.simulator	Impossible Tracks – Extreme Trucks	500,000
com.extreme.flying.motorbike.stuntsimulator	Flying Motorbike Stunts	500,000
com.emergency.firetruck.rescue.drivingsimulator	Fire Truck Emergency Rescue – Driving Simulator	500,000
com.snowplow.simulator.heavysnow.excavator	Heavy Snow Excavator Snowplow Simulator	500,000
com.waterskiing.simulator.games	Water Skiing	500,000
com.photomaker.editor.women.makeupandhairstyle	Women Make Up and Hairstyle Photo Maker	500,000
com.fortune.mountain	Mountain Bus Simulator	500,000
com.vanpizza.truckdelivery.simulator	Van Pizza	500,000
com.truck.simulator.transportandparking	Truck Transport and Parking Simulator	500,000
com.hoverboard.racing.spider.attacksimulator	Hoverboard Racing Spider Attack	500,000
com.moto.sport.championship.racingsimulator	Motorsport Race Championship	500,000
com.demolitionderby.simulator	Demolition Derby	500,000
com.lovecaller.free.loveringtones	Love Caller with love ringtones	500,000
com.house.transport.truck.movingvan.simulator	House Transport Truck – Moving Van Simulator	500,000
com.heavy.excavator.simulator.stonedriller	Heavy Excavator Stone Driller Simulator	500,000
com.cycle.downhill.game	Super Cycle Downhill Rider	500,000
com.extreme.rallychampionship.race	Extreme Rally Championship	500,000
com.missileattack.army.truck	Missile Attack Army Truck	500,000
com.mobile.caller.location.tracker.freecall	Caller Location & Mobile Location Tracker	500,000
com.mobilenumberlocator.tracker	Mobile number locator	500,000
com.mynameonlivewallpaper.animated.hd	My name on Live Wallpaper	500,000
com.spk.coach.offroad.School.bus.mountain.free	City Metro Bus Pk Driver Simulator 2017	500,000
com.fullscreen.incomingcaller.app	Full Screen Incoming Call	500,000
com.allsuit.man.casualshirt.photo.editor	Man Casual Shirt Photo Suit	500,000
com.americanmuscle.car.race	American muscle car race	500,000
com.offroad.nuclearwastetransport.truckdriver	Offroad Nuclear Waste Transport – Truck Driver	500,000
com.madcars.fury.racing.driving.simulator	Mad Cars Fury Racing	100,000
com.high.wheeler.speed.race.championship	High Wheeler Speed Race	100,000
com.colorbynumber.number.coloring.paint.game	Number Coloring	100,000
com.campervan.race.driving.simulator.game	Camper Van Race Driving Simulator 2018	100,000
com.unicornfloat.speedrace.simulator	Unicorn Float – Speed Race	100,000
com.dualscreenbrowser	Dual Screen Browser	100,000
com.harvest.timber.simulatorandtransport	Harvest Timber Simulator	100,000
com.racingsimulator.hot.micro.racers	Hot Micro Racers	100,000
com.lara.unicorn.dash.magical.raider.race	Lara Unicorn Dash	100,000
com.wingsuit.simulator.extreme	Wingsuit Simulator	100,000
com.foodtruck.driving.simulator	Food Truck Driving Simulator	100,000
com.dograce.competition	Dog Race Simulator	100,000
com.suvcar.parking.simulator.game	SUV car – parking simulator	100,000
com.clap.phonefinder.locator	Phone Finder	100,000
com.phonenumerlocator.findphonenumbers	Phone number locator	100,000
com.whatsapplock.gallerylock.ninexsoftech.lock	Gallery Lock	100,000
com.secret.screenrecorder.screenshotrecord	Secret screen recorder	100,000
com.facebeauty.makeup	Face Beauty Makeup	100,000
com.write.your.christmas.letter.santa.threewisemen	Christmas letters to santa and three wise man	100,000
com.deletedfiles.photo.audio.video.recovery	Deleted Files recovery	100,000
com.screndualbrowserdouble.app.android	Dual Screen Browser	100,000
com.crack.mobile.screen.prank	Broken Screen – Cracked Screen	100,000
photoeditor.Garden.photoframe	Garden Photo Editor	100,000
com.modiphotoframe.editor	Modi Photo Frame 2	100,000
com.callerscreen.lovecaller	Love Caller Screen	100,000
com.antitheftalarm.fullbatteryalarm.sound	Anti Theft & Full Battery Alarm	100,000
com.lovecaller.screen.custom	Love Caller Screen 2	100,000
com.sms.message.voice.reading	Voice reading for SMS. Whatsapp & text sms	100,000
com.photo.text.editor.nameonpic	Name on Pic-Name art	100,000
com.mtsfreegames.Speedboatracing	Speed Boat Racing	100,000
com.simulator.traindriving	Train Driving Simulator	100,000
com.grafton.Cycle.jungle.rider	Super Cycle Rider	100,000
com.gl.racinghorse.competition	Racing Horse Championship 3D	100,000
moveapptosd.tosdcard.freeapp	Move App To SD Card 2016	100,000
com.avatarmaker.poptoy.creator	Pop Toy Creator	100,000
com.myphoto.live.wallpaper.editor	Photo Live Wallpaper	50,000
com.messenger2.play.game.Unicorndashk	Magical Unicorn Dash	50,000
com.truck.wheelofdeath	Truck Wheel of Death	50,000
com.livetranslator.translateinlive	Live Translator	50,000
com.volumecontrol.widget.volumebooster	Volume Control Widget	50,000
com.worldcup2018football.shirt.maker.photoeditor	World cup 2018 football shirt maker	50,000
com.girlfriendphotoeditor.girlsinyourphoto	Girlfriend Photo Editor 2	50,000
com.myphoto.on.musicplayer.free	My Photo on Music Player	50,000
com.taxidriving.simulatorgame.race	taxi	50,000
com.garden.photoeditor.photoframe	Garden Photo Editor	50,000
com.fortunewheel.deluxe	Fortune Wheel Deluxe	50,000
com.motorcycle.extremeracing.simulator	Extreme Motorcycle Racer	50,000
com.offroad.snow.bike.christmas.racing	Offroad Snow Bike – Christmas Racing	50,000
com.Droidhermes.bottleninja	Bottle Shoot	50,000
com.Hadiikhiya.photochangebackground	Photo Background Changer 2017	50,000
com.offroad.christmas.treetransport.truck.driversimulator	Offroad Christmas Tree Transport	50,000
com.tank.transport.armytruck.simulator	Tank Transport Army Truck	50,000
com.flagteams.facepaint.editor.world2018cup	Flag face paint: World Cup 2018	10,000
com.russianworld2018cup.livewallpaper.flagsteam	World Cup 2018 Teams Flags Live Wallpaper	10,000
com.editor.selfie.camera.photo	Selfie Camera	10,000
com.desirepk.Offroad.transport.simulator.apps	Missile Attack Army Truck	10,000
massimo.Vidlan.maxplayer	Max Player	10,000
com.flashalerts.callandsms	Flash Alert – Flash on Call	10,000
com.photovideo.maker.withmusic	Photo Video Maker with Music	10,000
com.braingames.iqtest.skills	Brain Games & IQ Test	10,000
com.mix.audio.and.video	Audio Video Mixer	10,000
com.poptoy.creator.edityourpoptoy	Pop Toy Creator 2	10,000
com.flashalert.callandsms	Flash on Call and SMS	10,000
com.photoframe.of.heart	Heart Photo Frames	10,000
com.shayari.hindi.status.photo.text	Shayari 2017	10,000
com.happy.photo.birthday.cake	Photo on Birthday Cake	10,000
com.photoeditor.nature.photoframes	Nature Photo Frames	10,000
com.photoframe.calendar2018editor	Calendar 2018 Photo Frame	10,000
com.christmas.truck.transportsimulator.game	Christmas Truck Transport Simulator	10,000
com.christmas.vandrive.modern.santa	Modern Santa – Christmas van drive	10,000
com.anbrothers.voicechanger.app	Change your voice	10,000
com.monsters.vs.water.duel	Moster vs Water	10,000
com.flowers.editor.photo.frame	EDIT Flowers Photo Frames	10,000
videoeditor.musicvideo.Phototovideomaker.videoeditor	Photo Video Maker with Music	10,000
com.racing.games.toiletpaper.race	Toilet Paper Race	10,000
com.Zv.puppiesdog.racegame	Dog Crazy Race Simulator	10,000
com.luxury.photo.frame.photo.editor	Luxury Photo Frame	10,000
com.bike.wheelofdeath	Bike Wheel of Death	10,000
com.qbesoft.worldfamousphotoframes.app	World Famous Photo Frames	10,000
com.heavysnowexcavator.christmas.rescue	Heavy Snow Excavator Christmas Rescue	10,000
com.syor.deleted.photo.recovery.video.restore	Deleted Files Recovery	10,000
com.footballanalyzer.resultsandstats	Football Results & Stats Analyzer	5,000
com.photoframe.cube3d.live.wallpaper.hd	3D Photo Frame Cube Live Wallpaper	5,000
com.photoframe.geenhill	Green Hill PhotoFrame	5,000
com.christmas.magnetic.magicboard.drawandwrite	Christmas Magic Board	5,000
com.animalspart.photo.editor	Animal Parts Photo Editor	5,000
com.camera.blur.photoeffects	DSLR Camera Blur	5,000
com.quick.photo.frame.carphotoframe	Car Photo Frame	5,000
com.game.handsslap.manitascalientes.redhands	Hands Slap Game	5,000
com.maa.durga.live.wallpaper	4D Maa Durga Live Wallpaper	5,000
com.photomontage.men.sweatshirt.editor	Men Sweatshirt Photo Editor	1,000
com.wordsgame.connectletters	Connect Letters. Words Game	1,000
lanas.recover.deleted.pictures.photos	Recover Deleted Pictures	1,000
com.customized.radio.alarm.clock	Custom Radio Alarm Clock	1,000
com.antispamcalls.blockspamcaller	Anti-spam Calls	1,000
com.compatibilitytest.friends.couples	Compatibility Test	1,000
com.dualscreen.android.app.double	Dual Screen Browser	1,000
com.magic.glow.livewallpaper.animatedwallpaper	Magic Glow Live Wallpaper	1,000
com.game.virtualpet.porgy	Porgy Virtual Pet	1,000
com.explosiongame.taptheball	Tap the Ball	1,000
com.analog.digital.clock.live.wallpaper	Clock Live Wallpaper	1,000
com.royalestas.information	Royale Stats	1,000
com.editor.firetext.photo.frame	Fire text photo frame	1,000
editor.card.greetings.christmas.com.christmasgreetingscard	Christmas greetings card	1,000
com.bestappsco.bestapplock.free	Best App Lock	1,000
com.DJ.photoframe.editor	DJ Photo Frames	1,000
com.autocall.redial.automatic.recall	Auto Call redial	500
com.picquiz.guess.picture.game	Guess the picture	500
com.professionalrecorder.audio.call.record	ProfesionalRecorder	500

. Leer artículo completo en Frikipandi SimBad, el malware para Android presente en 206 apps en Google Play.

Lista de aplicaciones infectadas por SimBad:

Entradas recientes para SimBad, el malware para Android presente en 206 apps en Google Play