View all newsletters
Receive our newsletter - data, insights and analysis delivered to you
  1. Technology
  2. Cybersecurity
November 25, 2014

Bug in Chrome installs apps automatically

The security flaw has been only reported in Android.

By CBR Staff Writer

A new bug has been discovered in Chrome browser for Android based smartphones which allows automatic installations of apps without user consent.

According security website Extension Defender, the apps after getting downloaded are capable of hacking into users’ personal information and send it back to the malware author.

The firm cited that a Browser Extension Monetization company named Revjet.io uses snippet code from Vulcun.com, desktop-to-mobile ad server, which helps developers integrate advertisements into their apps.

The code is designed to run itself in the background and install apps without user consent, because the confirmation dialogue and permission prompts are not shown to the user.

Vulcun.com gets paid by app developers every time an app gets installed; the practice is seen by ad services that make money by delivering installations even if the user does not wish to install the apps.

According to Extension Defender the malware uses 3Dnator, FB Auto-Poker, Post To Tumblr, and Alert Control apps.

Content from our partners
Unlocking growth through hybrid cloud: 5 key takeaways
How businesses can safeguard themselves on the cyber frontline
How hackers’ tactics are evolving in an increasingly complex landscape

Websites in our network
Select and enter your corporate email address Tech Monitor's research, insight and analysis examines the frontiers of digital transformation to help tech leaders navigate the future. Our Changelog newsletter delivers our best work to your inbox every week.
  • CIO
  • CTO
  • CISO
  • CSO
  • CFO
  • CDO
  • CEO
  • Architect Founder
  • MD
  • Director
  • Manager
  • Other
Visit our privacy policy for more information about our services, how New Statesman Media Group may use, process and share your personal data, including information on your rights in respect of your personal data and how you can unsubscribe from future marketing communications. Our services are intended for corporate subscribers and you warrant that the email address submitted is your corporate email address.
THANK YOU