{"id":12473,"date":"2018-06-04T08:10:05","date_gmt":"2018-06-04T16:10:05","guid":{"rendered":"http:\/\/www.palada.net\/index.php\/2018\/06\/04\/news-6242\/"},"modified":"2018-06-04T08:10:05","modified_gmt":"2018-06-04T16:10:05","slug":"news-6242","status":"publish","type":"post","link":"https:\/\/www.palada.net\/index.php\/2018\/06\/04\/news-6242\/","title":{"rendered":"Mobile Menace Monday: A race to hidden ads"},"content":{"rendered":"

Credit to Author: Nathan Collier| Date: Mon, 04 Jun 2018 15:00:00 +0000<\/strong><\/p>\n

Who doesn\u2019t love a good motorcycle racing game, right? How about one easily available on Google Play, a \u201csafe\u201d place for all your Android app desires? How about a bike racing game that sticks with you so much, you can\u2019t easily uninstall it? And it displays hidden ads?<\/p>\n

Wait, what!? That\u2019s right! In the slideshow below, a game titled Motorcycle Race\u2014Bike Race <\/em>(package name: com.bikeme.racersm) has rave<\/em>\u00a0reviews by users who demand to know how to uninstall the game.<\/p>\n

Click to view slideshow.<\/a> <\/p>\n

Rev your engines for heightened privileges<\/h3>\n

So how does one get into such a predicament? That all starts with the install process. Upon installing Motorcycle Race\u2014Bike Race, <\/em>the first screen asks to Activate device administrator.<\/em><\/p>\n

\"\"<\/p>\n

Okay, so obviously a bike racing game requesting device administrator rights with permission to Lock the screen<\/em> is a big red flag. However, if you didn\u2019t catch that, there\u2019s another clue that something is amiss. Look at the app name asking for permission: Media Player. <\/em>That\u2019s going to make finding the app in the device\u2019s app list rather difficult (hint, hint).<\/p>\n

\"\"<\/p>\n

After the initial weirdness of asking for heightened privileges, the app does open and run as advertised.<\/p>\n

Click to view slideshow.<\/a> <\/p>\n

Don\u2019t expect the game to perform well, though. It runs so slow and choppy, it makes for an unpleasant experience. This is because it\u2019s doing something much more malicious in the background.<\/p>\n

Over the handlebars into full screen ads<\/h3>\n

After the first time the device\u2019s screen is locked\/unlocked, it becomes clear why Lock the screen<\/em> permission is requested. Behold: annoying lock screen ads that take up the whole screen!<\/p>\n

Click to view slideshow.<\/a> <\/p>\n

Time to chuck this bike: how to uninstall<\/h3>\n

At this point, any user would be ready to ditch this two-wheeled game. However, if the game was given device administrator rights, this isn\u2019t as straightforward as simply dragging the icon to uninstall.<\/em>\u00a0The easiest method would be to let Malwarebytes for Android<\/a>, which detects this as Android\/Trojan.HiddenAds.BiRa<\/a>, remove the app.<\/p>\n

However, you can also uninstall the app manually. Let\u2019s start with dragging the icon to uninstall.\u00a0<\/em>That’ll bring up this warning pop-up:<\/p>\n

\"\"<\/p>\n

Make sure to note the “Bike Racer is part of the following app: Media Player”<\/em>\u00a0text, as you\u2019ll need this information later. Click OK<\/em> to land here.<\/p>\n

\"\"<\/p>\n

Next, select\u00a0Manage device administrators.<\/em><\/p>\n

\"\"<\/p>\n

Click the check mark\u00a0<\/em>to uncheck Media Player <\/em>(which is the true name of the bike racing app). Depending on the Android OS version, this could also be an on\/off toggle switch.<\/p>\n

Here’s an extra reminder, as this is the tricky part: Anytime you need to uninstall an app manually, you\u2019re looking for the app name listed after the colon from first warning pop-up:\u00a0part of the following app:<app name>.\u00a0<\/em>It\u2019s easy to assume that it\u2019s listed under the app icon name (in this case Bike Racer).\u00a0<\/em>This method is a clever way to obfuscate removal.<\/p>\n

\"\"<\/p>\n

Back to uninstalling the app. After you select the check mark, you’ll get to this screen. Click “Deactivate”\u00a0<\/em>at the bottom of the screen.<\/p>\n

After device administrator rights are revoked, once again drag the icon to uninstall. <\/em>This time, you’ll be able to\u00a0successfully remove the app.<\/p>\n

You have the right to not give rights<\/h3>\n

Even when installing apps from reputable sources like Google Play, be careful when you grant device administrator rights. Although there are times when it\u2019s appropriate to grant such rights to an app, make sure the rights line up with the functionality of the app. Giving device administrator rights to a respectable security app in order to remediate ransomware makes sense. A bike racing game needn’t be given the same rights. Why would they need to lock your screen?<\/p>\n

With a little scrutiny and a lot of paying attention to the fine print, you can protect yourself from malicious apps that slip by Google Play’s security parameters. Stay safe out there!<\/p>\n

The post Mobile Menace Monday: A race to hidden ads<\/a> appeared first on Malwarebytes Labs<\/a>.<\/p>\n

https:\/\/blog.malwarebytes.com\/feed\/<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"

Credit to Author: Nathan Collier| Date: Mon, 04 Jun 2018 15:00:00 +0000<\/strong><\/p>\n\n\n\n
<\/a><\/td>\n<\/tr>\n
A bike racing game on Google Play locks users’ screens, displays full-screen ads, and is notoriously difficult to uninstall. It’s no wonder Android game reviewers demand to know how to get rid of it. We show you how. <\/p>\n

Categories: <\/p>\n