LightsOut
NJCCIC Threat Profile
Original Release Date: 2018-01-09
LightsOut is an Android adware discovered by researchers at Check Point, found embedded in at least 22 flashlight and utility apps available in the Google Play store, reaching an estimated 1.5 to 7.5 million downloads. LightsOut is used to generate illegal ad revenue for the threat actors by displaying pop-up ads on the end users’ device, sometimes forcing the user to click the ad before it will allow them to perform actions on their device. Additionally, the malicious script overrides the user’s ability to disable ads showing outside of a legitimate context. In many of the apps, it also hides its icon in attempts to prevent its removal. Google was notified and has since removed the malicious apps.
Technical Details
- Check Point provides technical analysis of LightsOut here.
Featured Content
- Disaster Relief and Tragedy-Related Scams>
- Flaw in Cosmo DB Could Allow Access to Databases>
- Threat Actors Use Messaging Service as Phishing Lure>
- Back-to-School Cybersecurity>
- Patch Now: Active Exploitation of Microsoft Exchange ProxyShell Vulnerabilities >
- T-Mobile Breach>
- Test Your Cybersecurity Knowledge - Take Our Cyber Quiz Today>
The NJCCIC is a component organization within the New Jersey Office of Homeland Security and Preparedness. We are the State's one-stop-shop for cyber threat analysis, incident reporting, and information sharing and are committed to making New Jersey more resilient to cyber threats by spreading awareness and promoting the adoption of best practices.
View our Privacy Policy here.
View our Site Index here.