Targeted ads have become a part of life that we just seemingly have to live with. On one hand, they can actually be a good thing, providing advertisements for products that we may have some interest in. On the other hand, they can give you that eerie feeling of always being followed.
Advertisements giving you that creepy feeling isn't the worst thing they can do these days. Now, there are ads popping-up that can automatically install malicious apps onto your gadget.
How ads automatically install malware
What's happening now is, advertisements on affected websites are automatically installing an Android Package Kit (APK) dubbed "kskas.apk" to victims' gadgets. The program is purportedly used to clean up Android gadgets and goes by the name Ks Clean.
Once the program is installed on the victim's device, a pop-up message appears claiming the gadget is vulnerable to a security loophole. It then gives the victim instructions on how to update their phone.
Image: Example of malicious apps' fake update message. (Source: Zscaler)
Warning! This update message is a scam.
Instead of securing the user's phone with an update, this actually installs a malicious app. The malicious app requires administrative privileges to be installed. If you give the app admin privileges, it can take total control of your phone.
Even scarier is, if the app has admin privileges you can't remove it from your gadget. The only way to get rid of it is to do a total factory reset of your phone, and you will lose all of your files.
At the moment, the malicious app constantly overloads the victim's device with more pop-up ads. However, the criminal behind the scheme could eventually change the payload to cause even more problems such as infecting gadgets with ransomware.
One example of an affected site is a UFO type conspiracy theory forum called Godlikeproductions. Researchers at Zscaler have identified more than 300 examples of malicious APKs like this over the last couple weeks. So it's getting worse and we expect it to spread further.
How to protect yourself against this malicious ad campaign
An easy way to protect against these malicious ads is to not allow the installation of third-party apps. This security setting is on by default on Android, so you'll only need to take this step if you previously changed your settings.
Here is how to check the setting: Open Settings > Security > Unknown Sources. Make sure Unknown Sources is disabled.
Another thing you should do is backup the critical data on your gadget. We recommend using our sponsor IDrive. Having your files backed up will allow you to recover them if you are ever infected with a malicious app and you need to do a factory reset.
IDrive allows you backup all your PCs, Macs and mobile devices into ONE account for one low cost! Go to IDrive.com and use promo code KIM to receive a special discount of 50% off! Click here to learn more about IDrive, and protect your precious data with all-inclusive backup!