According to a ThreatDown research report, Android users are being targeted by a form of adware known as MobiDash, which has been spreading through various channels. This malicious software can integrate itself into legitimate apps without altering their core functionality. Before we deep dive into this new threat,
Android/Adware. MobiDash is Malwarebytes’ detection name for an adware that targets mobile devices running the Android OS, which became prevalent in 2015 and continues to be spread via hundreds of variants. It comes in the form of a Software Development Kit (SDK), a pre-packaged set of tools that can be added easily onto any Android Application Package (APK), the format used to distribute Android apps.
For example, if a user downloads a seemingly harmless app like a calculator, MobiDash silently serves unwanted ads in the background.
One of the stealthier aspects of MobiDash is its delayed activation. It typically remains dormant for a few days after installation, making it harder for users to associate the sudden appearance of intrusive ads with the app they installed. This tactic complicates the identification and removal of the infected app.
Additionally, the research linked the spread of this adware to phishing campaigns and the dissemination of suspicious links through social media platforms like Facebook.
In addition to spreading through Facebook, the MobiDash adware is also being distributed via certain websites that feature explicit content. According to ThreatDown research, these sites employ a chain of redirects to facilitate the infection.
When users click on malicious links, they are redirected through domains such as lookebonyhill.com, apkretro.com, and finally 3-dl-app.com, where an .apk file is automatically downloaded. In some cases, users may need to manually click the "Download" button to initiate the process.
Once installed, MobiDash waits a few days before becoming active, displaying ads and creating an overall intrusive experience, while still allowing the original app to function. This delay makes it harder for victims to connect the adware to the app they installed, further complicating its detection and removal.
To stay safe, it's crucial to avoid downloading apps from untrusted websites, especially those requiring .apk files outside of official app stores. Users should also be cautious when navigating sites that host explicit content, as they are often breeding grounds for malware and adware like MobiDash. With this thought we sign off for today,
See What’s Next in Tech With the Fast Forward Newsletter
Tweets From @varindiamag
Nothing to see here - yet
When they Tweet, their Tweets will show up here.
