Does the battery of your Android device lasts less and in need of constant need of charge? or lets say your device gets hot most of the time, acts sluggish, or uses more data than it usually does. Well, your phone might be a victim of a major fraud operation distributed on the Google Play Store. These apps have received over 10 million installs on then Google Play Store
According to security researchers at Oracle Data Cloud, DrainerBot malware has apps in different categories from mobile gaming, makeup and beauty, and other categories infected.
"DrainerBot is one of the first major ad fraud operations to cause clear and direct financial harm to consumers," Eric Roza, senior vice president and general manager of Oracle Data Cloud said. "DrainerBot-infected apps can cost users hundreds of dollars in unnecessary data charges while wasting their batteries and slowing their devices."
The security researchers explained that the apps secretly downloads hidden video adverts to the victims phones, and can consume as much as 10GB of bandwidth per month.
Though the downloaded videos are never seen by anyone, the creators of the fraud bot generates ad revenue each time a legit end user device appears to view a video while visiting a spoofed but legitimate publisher website.
The security researcher said hundreds of popular Android apps and games on the Google Play Store, at one point in the past were infected with DrainerBot. Though the company said the apps are in their hundreds, they named just five. These includes; Perfect365, VertexClub, Draw Clash of Clans, Touch 'n' Beta - Cinema, and Solitaire: 4 Seasons (Full).
According to Arstechnica, a spokeswoman for Oracle who declined to provide to them the complete list of the infected apps said that not all of the apps that were found are currently infected. However, of the five infected apps mentioned, Solitaire: 4 Seasons (Full) is the only one that Google hasn't been kicked from the Play Store.
How To check If You are Infected
One major feature of DrainerBot apps is that they consume more data, mostly in gigabytes. So the easiest way to check if your phone is infected is to check for installed apps with data usage. Go to Settings > Data usage > Mobile data usage ands then check how much data your apps are consuming. For Android 9, Go to Settings > Network and Internet > Data Usage > App Data Usage.
Origin Of The BotOracle said that DrainBot seems to be distributed by a software development kit provided by Tapcore, a Netherlands-based company that helps developers to generate revenue from pirated versions of their apps.
However, Tapcore has denied any "intentional involvement" in the DrainBot ad fraud scheme.
"Tapcore strongly denies any intentional involvement with the supposed ad fraud scheme, and is extremely surprised and alarmed by the allegations and attempt to connect the company with the scheme," Tapcore said in a press release
"At the moment of first hearing about the DrainerBot ad fraud scheme, Tapcore began immediate internal investigation to see whether any such code was ever distributed through its network without knowledge. The company is ready to cooperate with all interested parties and provide all results on its findings. Openness and transparency is paramount in the mobile advertising industry, and Tapcore is prepare to share all data and results."