Beware of transparent app illegal software: stealing power, traffic and privacy

2022-05-20

Recently, Ms. Zhou's mobile phone in Beijing has been popping up advertisements for no reason and can't be turned off. Professionals found that there was an illegal software with no file name and transparent icon on her mobile desktop. The reporter of "Xinhua viewpoint" found that such illegal software not only consumes power and traffic, but also annoys the machine owners by pushing all kinds of advertisements. It is often over claimed, and there is a risk of personal information disclosure. Hidden dangers invisible on mobile phones Ms. Zhou's experience is not unique. Li Bo, a college student in Guangzhou, recently found that the power consumption of mobile phones is very fast, and it takes less than half a day to be fully charged. In the past, 30g traffic was enough in one month, but now it can only be used for half a month. "Obviously, no program is opened, and the mobile phone traffic still can't be stopped. I feel that there is an 'Insider' in the mobile phone.". Li Bo went to the mobile phone brand store for consultation. After the staff opened the mobile phone taskbar, they found that there was a blank program running all the time. "I don't know when it was installed or how to 'wake up' this program. The staff said that if it can't be deleted, we can only brush the machine." Said Li Bo. The reporter's investigation found that the app hidden in the mobile phone in a transparent way without name and icon is the latest kind of illegal software. How is illegal software installed on mobile phones? "Use advertising, push and other methods to hide the download link in the user's easy to touch location, such as' close ',' skip 'and other buttons. Once the user inadvertently clicks, the background of the mobile phone will start to download quietly." Ji chonglian, a senior security expert at China Financial Certification Center, told reporters that some transparent illegal software even use other apps for bundle installation. "It is possible that the host will download the illegal software unknowingly without clicking the wrong button.". When downloading an app in Guangzhou, Ms. Liu accidentally found that the mobile phone was installed with illegal software. Her repeated attempts to uninstall failed, and her push advertising didn't stop. Tencent mobile housekeeper has identified more than 5 million samples of transparent app illegal software. Zheng Yangfan, a security expert of Tencent mobile housekeeper, told reporters that the long-term opening of transparent app in the background will not only consume additional mobile phone power and traffic, pop up windows frequently and push advertisements, but also disable mobile phone buttons through technical means and force users to watch advertisements. In addition, some malware even induce users to turn on microphone, camera and other permissions, record keyboards, and steal users' photos, contacts, text messages, location and other personal privacy. There are many "gold sucking" routines Behind the proliferation of illegal software is the gray and black industrial chain of illegal profits. —— Push advertising to earn dividends. Ms. Liu told reporters that since there was a transparent illegal app in the mobile phone, they were forced to look at the advertisement first when unlocking the screen. Clicking "unlock" on the page will even trigger a new advertisement push. Qianxin security expert Xie Si said that the transparent app itself has no substantive functions, but some unscrupulous developers make profits by adding various functions. Advertising dividends are generally calculated by the user's viewing times, click jump times, downloads and other data. Developers make profits by forcibly pushing advertisements through the ambush function. —— Induce malicious download deduction. Mr. Wu, a white-collar worker in Foshan, recently found that a game called "XX knights" appeared on his mobile phone, and 10 yuan was deducted every month. Mr. Wu carefully checked and found that the game was inadvertently downloaded from the browser. "If you want to complain, you don't know who to complain about. You can only be dumb." Mr. Wu said. —— Obtain user information for business purposes. Shenzhen programmer Mr. Wang's father's mobile phone frequently appears advertising pop-up windows. After careful inspection, he found that the hidden transparent app of the mobile phone is a small plug-in of a shopping software. "My father said that the shopping software was downloaded after clicking the link sent by others on wechat. When I first opened the shopping app, I clicked 'allow'." Mr. Wang told reporters that since the transparent app is bundled with the shopping software, the commodity information and browsing records entered in the shopping software may be recorded. Later, Mr. Wang tried to open other shopping software on his father's mobile phone and found that similar products he had browsed appeared on the page. "This transparent app is embedded with a third-party SDK function package, which will collect user behavior data, and may even sell the included information to other service providers." Mr. Wang said. Experts said that such illegal apps not only push advertising to obtain income dividends, but also may steal personal information and become a tool for illegal activities such as telecom fraud. Experts suggest that users update the system as much as possible and do not click on unknown links Wang Yang, an expert from the national information technology security research center, said that the new version of Android system does not allow software without icons to run in the background. Some illegal software has put on various coats, and transparent icons are one of them. "It's easy to implement the 'transparent' icon. During development, you only need to set the icon property and empty the app name." It is reported that after such apps are installed, only deleting a desktop file cannot uninstall it. Generally, you need to enter the "application management" in the device settings to uninstall it. Some even install more than two programs at one time: a main program and a daemon. When the main program is uninstalled, the daemon will reinstall it. It is so repeated that it is difficult to delete it completely. Wang Yang said that due to the difficulty in identifying the main body of many apps, there are an endless stream of apps with low installation threshold and infringement on users' rights and interests. Users need to pay special attention when installing and using apps. It is understood that the built-in system of Android mobile phones produced by some large manufacturers on the market will be updated automatically in real time, the malicious code base of the system is also constantly improved, and the new system will "block" the common malicious code. However, in order to save costs, some manufacturers will remove some functions, such as automatic update, so that the mobile phone will not receive the latest system patch. In this regard, Professor Weng Jian, vice president of Jinan University, reminded: users should update the system to the latest version as much as possible; Malicious applications rarely pass the application store audit. Users should not click unknown links and try to download applications through the application mall provided by the system; Users can open the option of "prohibit installing software from unknown sources" in system settings to avoid inadvertent installation of malicious programs. Weng Jian suggested that mobile phone manufacturers should specially indicate the authority and risk level of the application in the process design of installing the application, and do a good job in the screening mechanism in the application mall; Relevant departments have strengthened law enforcement to crack down on illegal software gray black industrial chain. Since 2021, Guangdong Provincial Communications Administration has issued a notice on the disposal of 272 apps in violation of laws and regulations, and removed 27 apps that failed to complete the rectification on schedule. For the new carriers of mobile illegal software such as transparent app, Guangdong Provincial Communications Administration said that in the next step, it will continue to expand the data collection scope of APP regulatory platform, improve the monitoring capacity and technical detection level, strengthen the disposal and exposure, and strengthen the protection of personal information and data security supervision. It is understood that in 2021, the Ministry of industry and information technology conducted technical testing on 2.08 million apps, reported 1549 apps in violation of regulations and 514 apps off the shelf, and continued to promote the special rectification of personal information protection. (Xinhua News Agency)

Edit:He Chuanning    Responsible editor:Su Suiyue

Source:Xinhua

Special statement: if the pictures and texts reproduced or quoted on this site infringe your legitimate rights and interests, please contact this site, and this site will correct and delete them in time. For copyright issues and website cooperation, please contact through outlook new era email:lwxsd@liaowanghn.com

Return to list

Recommended Reading Change it

Links

Submission mailbox:lwxsd@liaowanghn.com Tel:020-817896455

粤ICP备19140089号 Copyright © 2019 by www.lwxsd.com.all rights reserved

>