Stay informed about cyber awareness training topics and mitigate risk in your organisation.

Scam of the Week – Simbad Malware Infects Millions of Android Devices

Simbad malware

Security researchers at Check Point have discovered a sophisticated new malware campaign that targets android users on the Google Play store.

The malware has infected 206 apps on the platform and has been downloaded by up to 150 million users around the world.

Dubbed ‘Simbad’, the malware predominantly infects simulator games and disguises itself as ads to avoid suspicion. Most free games will contain ads as a way to increase profits for developers, however by hiding behind a software tool called SDK, the attackers have been able to avoid detection.

Once a device has been infected, the malicious app will hide its program icon but quietly play ads in the background, generating fraudulent revenue every time the device is in use.

In addition to displaying malicious ads, Simbad can also be used to conduct phishing attacks by redirecting users to compromised websites where yet more malicious apps can be downloaded.

Image: How Simbad works (Source: Check Point)

Scam of the Week – Simbad Malware Infects Millions of Android Devices

Check Point researchers said the malicious SDK can easily fool developers: “We believe the developers were scammed to use this malicious SDK, unaware of its content, leading to the fact that this campaign was not targeting a specific county or developed by the same developer”.

Google have since removed all the malicious apps from the Play store, however users are strongly advised to check the full list of apps and immediately remove any of the infected games from their device.

The top 10 apps infected with Simbad malware include:

  1. Snow Heavy Excavator Simulator (10 million downloads)
  2. Hoverboard Racing (5 million downloads)
  3. Real Tractor Farming Simulator (5 million downloads)
  4. Ambulance Rescue Driving (5 million downloads)
  5. Heavy Mountain Bus Simulator 2018 (5 million downloads)
  6. Fire Truck Emergency Driver (5 million downloads)
  7. Farming Tractor Real Harvest Simulator (5 million downloads)
  8. Car Parking Challenge (5 million downloads)
  9. Speed Boat Jet Ski Racing (5 million downloads)
  10. Water Surfing Car Stunt (5 million downloads)

To reduce the chance of your phone being infected with adware, there are a number of preventative measures you can take:

  • Only buy Apps from trusted sources

Buying apps from trustworthy sources reduces the chance of your device being hacked or infected with malware. To check the authenticity of a source, you can check the full name, list of published apps and contact details in the app description within the Google Play or Apple app store.

  • Permissions

Permissions are used by apps to access specific functions and data within the device. If an app has a long list of permissions that are unnecessary to the functioning of an app this should act as a red flag and raise suspicions about the intent of its use. The fewer permissions an app requests, the more likely it is to be safe.

  • Learn more about the developer

Take some time to research the developer of the app. Most app stores will include a link to the developer’s web page and this will give you a good idea if they are a reputable source.

  • Update phone software

One of the most important ways to protect against malware is to regularly update your phone’s software. Malicious apps will often take advantage of older versions of browsers therefore it is vital that the latest software update is installed.

If you are looking to start a phishing awareness campaign or would like more information on how to protect yourself online, contact us to find out how we can help.

Further Reading

How to prevent mobile Phishing attacks

about the author

sharing is caring

Share on linkedin
Share on twitter
Share on facebook

you might enjoy reading these

UK GDPR Series Available Now

Privacy is an ongoing concern for every organisation, however, the notion of consent isn’t without its complications. To help organisations navigate data protection protocols, we
Read More »

Seasonal Phishing Templates

Phishing is a year-round activity for cybercriminals, and just like retailers, they use seasonal events as an opportunity to cash in. Seasonal occasions, including St
Read More »

Request Demo

The personal information that you provide to us in this form will only ever be used by MetaCompliance (as the Data Controller) for the following specifically defined purposes:

  • email you content that you have requested from us
  • with your consent, occasionally email you with targeted information regarding our service offerings
  • continually honour any opt-out request you submit in the future
  • comply with any of our legal and/or regulatory obligations