April 24, 2015
The module detected by Doctor Web security researches has been added to the Dr.Web virus database under the name Adware.MobiDash.2.origin. This is an updated version of an “aggressive” advertising platform known from February, 2015, as Adware.MobiDash.1.origin. Similar to its predecessor, Adware.MobiDash.2.origin starts to perform its malicious activity not right after the installation but after a period of time. This time period is long enough for the user to forget about the potential source of annoying notifications and advertisements, so the malware stays on the device intact. The module can execute the following unwanted actions:
- Display on the mobile device’s screen different advertisements that can appear on top of other windows;
- Load advertising webpages in the browser;
- Show advertising and other messages in the status bar.
Advertisements displayed by Adware.MobiDash.2.origin can overlap not only windows of running programs but also the OS interface preventing the user from operating the device in a usual way.
So far, Doctor Web security researchers have detected several Google Play applications with the Adware.MobiDash.2.origin module. In total, these applications have been installed more than 2,500,000 times. However, one can assume that the number of these applications is considerably larger. Therefore, Android devices’ users should be careful in choosing what software to install on their devices.
All programs containing the Adware.MobiDash.2.origin advertising platform can be successfully detected by Dr.Web for Android and Dr.Web for Android Light either at the very beginning of the installation or after they are already installed. Therefore, our users are effectively protected from the malware’s unwanted activities.
Tell us what you think
You will be awarded one Dr.Webling per comment. To ask Doctor Web’s site administration about a news item, enter @admin at the beginning of your comment. If your question is for the author of one of the comments, put @ before their names.