Threat Intelligence

1/5/2018
09:00 AM
50%
50%

New Adware Discovered in 22 Apps in Google Play

The 'LightsOut' adware is found is flashlight and utility apps, which have been downloaded between 1.5 million to 7.5 million times.

New adware dubbed "LightsOut" is making the rounds in Google Play, hiding in 22 flashlight and utility apps that have been download up to 7.5 million times, reports Check Point Research, which made the discovery.

LightsOut embeds its malicious script into flashlight and utility apps that appear legitimate. It then hides its icon when the app is launched, making it difficult for the user to remove the adware.

Although the malicious app offers users a control panel and checkbox to disable additional services, such as displaying ads, LightsOut can override users' efforts. As a result, the persistent ads do not appear related to the control panel and checkboxes, reports Check Point.

Any Wi-Fi connection, a locked screen, a cell phone call that ends, or a charger plugged into a device can trigger the LightsOut adware, according to Check Point.

Read more about LightsOut here.

Dark Reading's Quick Hits delivers a brief synopsis and summary of the significance of breaking news events. For more information from the original source of the news item, please follow the link provided in this article. View Full Bio

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
What We Talk About When We Talk About Risk
Jack Jones, Chairman, FAIR Institute,  7/11/2018
Ticketmaster Breach Part of Massive Payment Card Hacking Campaign
Jai Vijayan, Freelance writer,  7/10/2018
Major International Airport System Access Sold for $10 on Dark Web
Kelly Sheridan, Staff Editor, Dark Reading,  7/11/2018
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: Cyberspace is much less secure than my old lamp.
Current Issue
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2018-6681
PUBLISHED: 2018-07-17
Abuse of Functionality vulnerability in the web interface in McAfee Network Security Management (NSM) 9.1.7.11 and earlier allows authenticated users to allow arbitrary HTML code to be reflected in the response web page via appliance web interface.
CVE-2018-13864
PUBLISHED: 2018-07-17
A directory traversal vulnerability has been found in the Assets controller in Play Framework 2.6.12 through 2.6.15 (fixed in 2.6.16) when running on Windows. It allows a remote attacker to download arbitrary files from the target server via specially crafted HTTP requests.
CVE-2018-14338
PUBLISHED: 2018-07-17
samples/geotag.cpp in the example code of Exiv2 0.26 misuses the realpath function on POSIX platforms (other than Apple platforms) where glibc is not used, possibly leading to a buffer overflow.
CVE-2018-14337
PUBLISHED: 2018-07-17
The CHECK macro in mrbgems/mruby-sprintf/src/sprintf.c in mruby 1.4.1 contains a signed integer overflow, possibly leading to out-of-bounds memory access because the mrb_str_resize function in string.c does not check for a negative length.
CVE-2018-14329
PUBLISHED: 2018-07-17
In HTSlib 1.8, a race condition in cram/cram_io.c might allow local users to overwrite arbitrary files via a symlink attack.