For performing specific advertising services, a Chinese company had developed a software development kit SDK named as Igexin. But this kit placed users at risk as it was started to be used by attackers for sneaking malware into the Android devices. According to the reports, Google has now removed more than 500 Android apps from its Play Store marketplace that have been found to install spyware on handsets.
The firm noted that the malware was found mostly in the game apps that had as many as 100 million downloads, the weather app and photo editing app with five million downloads along with one millions users of the radio app. the rest of the apps that were effected belonged to different categories such as health, education, travelling, and fitness.
The main purpose of the Igexin SDK was for developer advertisements to users of specific apps that could be used for generating revenue for the maker of the app. In order to provide this service, based on interests and habits, users’ data was collected to help target advertising. Not only this, Igexin was also capable of doing a lot but unfortunately, its control server got hacked by attackers for sending malware to handsets. The attacker with this software gets the ability to lift logs of user information from a device. Plugins could also be installed on a handset by the attacker and could also reveal information about user activity.
As Igexin has been a common SDK and was found in numerous popular apps and service, the extent of damage cannot be determined. The reports state that all apps are not confirmed to have been exploited by the malicious spying activity but Igexin proved to be the doorway for spreading the malware. Google has removed all such apps and has taken a more aggressive approach to policing its app marketplace.