Secure-D and Upstream Systems experts found that ai.type, a popular keyboard for Android, was infected with malicious code, and users could lose about $ 18,000,000 due to this.
Let me remind you that the discovery of malware as part of the application became known last summer. Then, Doctor Web experts revealed on Google Play many applications infected with a clicker trojan, among which was ai.type installed more than 40 million times.
Now, Secure-D and Upstream Systems experts are warning that even after uninstalling from Google Play, the application has remained active on millions of devices and is still available in other, unofficial app stores. Although the activity of the malware decreased, it, unfortunately, still has not stopped completely.
The problem is that the Trojan can not only engage in advertising and promote other applications on Google Play, but can also quietly load any sites, including those with advertising (including video) or other dubious content.
It is reported that to date, Upstream Systems analysts have detected and blocked more than 14,000,000 suspicious transactions requests coming from 110,000 unique devices onto which the ai.type keyboard was loaded. If these requests were not blocked, without the knowledge of the victims, there would be a purchase of premium digital services, which in total would cost users about $ 18,000,000. Suspicious activity of this kind was recorded in 13 countries, but was especially high in Egypt and Brazil.
The researchers once again urged ai.type users to check their devices and accounts for strange activity and expenses, and remove the application from their devices as soon as possible.