Malicious Game Apps for Kids on Google Play Displayed Lewd Content

Researchers at Check Point discovered the new AdultSwine malware in at least 60 game apps available in the Google Play store. The malware displayed lewd ads in the apps, many of which were marketed towards children. In addition to displaying inappropriate online advertisements, AdultSwine can trick users into installing fraudulent security apps or registering for costly premium services. Once the malicious app is installed, it initiates the attack when the device boots or its screen is unlocked. The attacker then chooses one of the above three scenarios and displays content on the user’s device. Google removed the apps – which were downloaded between three and seven million times – and disabled the associated developers’ accounts. Google will display strong warnings to users with devices that have these malicious apps installed. The NJCCIC recommends users review the Check Point report and thoroughly research apps prior to installation by reading user reviews and searching for information about the developer. Parents are also highly encouraged to verify all apps downloaded on devices used by children and ensure they are categorized as “Designed for Families” on Google Play. Additionally, we recommend users run a reputable antivirus application on all devices, avoid downloading apps that require excessive device permissions, and refrain from downloading any apps from third-party, unofficial app stores.