{"id":342227,"date":"2025-11-27T20:02:42","date_gmt":"2025-11-27T17:02:42","guid":{"rendered":"http:\/\/dana.nwar.uk\/sa\/android-users-told-to-delete-apps-immediately-after-cyber-attack-infestation\/"},"modified":"2025-11-27T20:02:42","modified_gmt":"2025-11-27T17:02:42","slug":"android-users-told-to-delete-apps-immediately-after-cyber-attack-infestation","status":"publish","type":"post","link":"https:\/\/hameed.nwar.uk\/sa\/android-users-told-to-delete-apps-immediately-after-cyber-attack-infestation\/","title":{"rendered":"Android users told to delete apps immediately after cyber attack infestation"},"content":{"rendered":"<div>\n<p><img width=\"1200\" height=\"630\" src=\"http:\/\/hamed.nwar.uk\/w\/wp-content\/uploads\/2025\/11\/1764262781_0_In-this-photo-illustration-the-Android-logo-seen-displayed.jpg\" class=\"attachment-post-thumbnail size-post-thumbnail wp-post-image\" alt=\"\" decoding=\"async\" loading=\"lazy\" srcset=\"http:\/\/hamed.nwar.uk\/w\/wp-content\/uploads\/2025\/11\/1764262781_0_In-this-photo-illustration-the-Android-logo-seen-displayed.jpg 1200w, http:\/\/hamed.nwar.uk\/w\/wp-content\/uploads\/2025\/11\/1764262781_0_In-this-photo-illustration-the-Android-logo-seen-displayed-300x158.jpg 300w, http:\/\/hamed.nwar.uk\/w\/wp-content\/uploads\/2025\/11\/1764262781_0_In-this-photo-illustration-the-Android-logo-seen-displayed-1024x538.jpg 1024w, http:\/\/hamed.nwar.uk\/w\/wp-content\/uploads\/2025\/11\/1764262781_0_In-this-photo-illustration-the-Android-logo-seen-displayed-768x403.jpg 768w, http:\/\/hamed.nwar.uk\/w\/wp-content\/uploads\/2025\/11\/1764262781_0_In-this-photo-illustration-the-Android-logo-seen-displayed-260x137.jpg 260w\" sizes=\"auto, (max-width: 1200px) 100vw, 1200px\"><\/p>\n<figure class=\"wp-block-gallery has-nested-images columns-default is-cropped wp-block-gallery-2 is-layout-flex wp-block-gallery-is-layout-flex\">\n<figure class=\"wp-block-image size-large\"><img loading=\"lazy\" decoding=\"async\" width=\"615\" height=\"409\" data-id=\"136749\" src=\"http:\/\/hamed.nwar.uk\/w\/wp-content\/uploads\/2025\/11\/0_In-this-photo-illustration-the-Android-logo-seen-displayed.jpg\" alt=\"\" class=\"wp-image-136749\"><\/figure>\n<figure class=\"wp-block-image size-large\"><img loading=\"lazy\" decoding=\"async\" width=\"615\" height=\"410\" data-id=\"136750\" src=\"http:\/\/hamed.nwar.uk\/w\/wp-content\/uploads\/2025\/11\/0_Hacker-attacking-internet.jpg\" alt=\"\" class=\"wp-image-136750\"><\/figure>\n<\/figure>\n<p><\/p>\n<div id=\"article-body\">\n<h2 class=\"LeadText_lead-text__wd_PA __className_0292ec\" data-testid=\"leadtext\" publication=\"mirror\">Hundreds of Android apps infected with SlopAds ad fraud malware have been removed from the Google Play store after they were downloaded over 38 million times \u2013 with users being warned to delete them<\/h2>\n<div class=\"Byline_byline-container__K_Owl\" data-testid=\"byline\"><span data-testid=\"byline-content\" class=\"Byline_byline-content-wrapper__Imque\"><\/p>\n<div class=\"Byline_author-badge-date-wrapper__Q7jj1\">\n<div class=\"Byline_author-and-badge-wrapper__2dsv1\">\n<p><span><strong class=\"Strong_strong__e2x35 __className_0292ec\">Eilidh Farquhar<\/strong> Trainee Affiliate Writer<\/span><span>, <strong class=\"Strong_strong__e2x35 __className_0292ec\">Benedict Tetzlaff-Deas<\/strong> News Reporter<\/span><span>  and <strong class=\"Strong_strong__e2x35 __className_0292ec\">David Snelling<\/strong><\/span><\/p>\n<\/div>\n<p><span class=\"\" data-testid=\"byline-publishedDate\">19:49, 26 Nov 2025<\/span><\/p>\n<\/div>\n<p><\/span><\/div>\n<p><button class=\"LightboxBtn_lightbox-btn__eoxYS\" aria-label=\"Open image viewer\" aria-haspopup=\"dialog\" aria-controls=\"image-lightbox\"><\/p>\n<div class=\"ImageEmbed_image-embed__0T8WX ImageEmbed_image-lead__Ti3qQ\" data-testid=\"leadimage\" data-tmdatatrack=\"content-unit\" data-tmdatatrack-articleid=\"36312732\">\n<div class=\"ImageEmbed_image-container__2AIQm\">\n<figure class=\"Figure_figure__Uce4f\" style=\"--figure-aspect-ratio:1.5\"><img decoding=\"async\" src=\"http:\/\/hamed.nwar.uk\/w\/wp-content\/uploads\/2025\/11\/0_In-this-photo-illustration-the-Android-logo-seen-displayed.jpg\" alt=\"  A picture of a hand holding an Android phone\" loading=\"eager\"><\/figure>\n<\/div><figcaption class=\"ImageEmbed_fig-caption__qotOK\"><span class=\"ImageEmbed_camera-style__Qjeby\"><svg xmlns=\"http:\/\/www.w3.org\/2000\/svg\" width=\"16\" height=\"16\" viewbox=\"0 0 16 16\" fill=\"none\"><g clip-path=\"url(#clip0_209_94274)\"><path opacity=\"0.16\" fill-rule=\"evenodd\" clip-rule=\"evenodd\" d=\"M14 4H2V10.6667C2 11.403 2.59695 12 3.33333 12H12.6667C13.403 12 14 11.403 14 10.6667V4ZM8 10C9.10457 10 10 9.10457 10 8C10 6.89543 9.10457 6 8 6C6.89543 6 6 6.89543 6 8C6 9.10457 6.89543 10 8 10Z\" fill=\"var(--color-sem-icon-primary-default)\"><\/path><path d=\"M2 3.33331H14V11.3333C14 12.0697 13.403 12.6666 12.6667 12.6666H3.33333C2.59695 12.6666 2 12.0697 2 11.3333V3.33331Z\" stroke=\"var(--color-sem-icon-primary-default)\" stroke-width=\"1.33333\" stroke-linejoin=\"round\"><\/path><circle cx=\"8\" cy=\"8\" r=\"2\" stroke=\"var(--color-sem-icon-primary-default)\" stroke-width=\"1.33333\" stroke-linecap=\"round\" stroke-linejoin=\"round\"><\/circle><path d=\"M11.3332 1.33331L12.6665 1.33331\" stroke=\"var(--color-sem-icon-primary-default)\" stroke-width=\"1.33333\" stroke-linecap=\"round\" stroke-linejoin=\"round\"><\/path><\/g><defs><clippath id=\"clip0_209_94274\"><rect width=\"16\" height=\"16\" fill=\"white\"><\/rect><\/clippath><\/defs><\/svg><\/span><span class=\"ImageEmbed_caption-title__FSINC\">Android users have been warned about a new security threat to their devices (file photo)<\/span><span class=\"ImageEmbed_caption-credit__uNiU6\">(Image: SOPA Images\/LightRocket via Getty Images)<\/span><\/figcaption><\/div>\n<p><\/button><\/p>\n<p class=\"Paragraph_paragraph-text__PVKlh \" data-tmdatatrack=\"content-unit\" data-tmdatatrack-type=\"paragraph\" publication=\"mirror\">Cyber \u200b\u200bcriminals are once again targeting Android devices in a bid to trick unsuspecting victims into handing over their personal and financial information.<\/p>\n<p class=\"Paragraph_paragraph-text__PVKlh \" data-tmdatatrack=\"content-unit\" data-tmdatatrack-type=\"paragraph\" publication=\"mirror\">Users are being urged to remove apps that have been compromised by the fresh scam immediately, which involves hackers carrying out a sophisticated form of advertising fraud. By flooding apps with malicious adverts, hackers can slow down the devices they\u2019ve compromised while padding their own pockets.<\/p>\n<p class=\"Paragraph_paragraph-text__PVKlh \" data-tmdatatrack=\"content-unit\" data-tmdatatrack-type=\"paragraph\" publication=\"mirror\">The fresh attack was identified by the Satori Threat Intelligence and Research Team and has been dubbed \u2018SlopAds\u2019. Researchers have found that 224 Android apps were affected by this attack, which have been downloaded more than 38 million times via the Google Play Store app.<\/p>\n<p><span data-testid=\"readmore\" class=\"ReadMore_readmore-prefix__xS44r __className_ef10f1\">READ MORE<!-- -->: <span class=\"ReadMore_readmore-link__eF9pN\">Amazon attack warning ahead of Black Friday as 300 million customers at risk<\/span><\/span><span data-testid=\"readmore\" class=\"ReadMore_readmore-prefix__xS44r __className_ef10f1\">READ MORE<!-- -->: <span class=\"ReadMore_readmore-link__eF9pN\">Cybersecurity specialist says make Microsoft Windows change \u2013 or \u2018be exposed\u2019<\/span><\/span><\/p>\n<div data-testid=\"image-group\"><button class=\"LightboxBtn_lightbox-btn__eoxYS\" aria-label=\"Open image viewer\" aria-haspopup=\"dialog\" aria-controls=\"image-lightbox\"><\/p>\n<div class=\"ImageEmbed_image-embed__0T8WX false\" data-testid=\"imageembed-36312736\" data-tmdatatrack=\"content-unit\" data-tmdatatrack-articleid=\"36312736\" data-tmdatatrack-type=\"image\">\n<div class=\"ImageEmbed_image-container__2AIQm\">\n<figure class=\"Figure_figure__Uce4f\" style=\"--figure-aspect-ratio:1.5\"><img decoding=\"async\" src=\"http:\/\/hamed.nwar.uk\/w\/wp-content\/uploads\/2025\/11\/0_Hacker-attacking-internet.jpg\" alt=\"A dark image of a person wearing a hoodie hunched over a laptop \" loading=\"lazy\"><\/figure>\n<\/div><figcaption class=\"ImageEmbed_fig-caption__qotOK\"><span class=\"ImageEmbed_camera-style__Qjeby\"><svg xmlns=\"http:\/\/www.w3.org\/2000\/svg\" width=\"16\" height=\"16\" viewbox=\"0 0 16 16\" fill=\"none\"><g clip-path=\"url(#clip0_209_94274)\"><path opacity=\"0.16\" fill-rule=\"evenodd\" clip-rule=\"evenodd\" d=\"M14 4H2V10.6667C2 11.403 2.59695 12 3.33333 12H12.6667C13.403 12 14 11.403 14 10.6667V4ZM8 10C9.10457 10 10 9.10457 10 8C10 6.89543 9.10457 6 8 6C6.89543 6 6 6.89543 6 8C6 9.10457 6.89543 10 8 10Z\" fill=\"var(--color-sem-icon-primary-default)\"><\/path><path d=\"M2 3.33331H14V11.3333C14 12.0697 13.403 12.6666 12.6667 12.6666H3.33333C2.59695 12.6666 2 12.0697 2 11.3333V3.33331Z\" stroke=\"var(--color-sem-icon-primary-default)\" stroke-width=\"1.33333\" stroke-linejoin=\"round\"><\/path><circle cx=\"8\" cy=\"8\" r=\"2\" stroke=\"var(--color-sem-icon-primary-default)\" stroke-width=\"1.33333\" stroke-linecap=\"round\" stroke-linejoin=\"round\"><\/circle><path d=\"M11.3332 1.33331L12.6665 1.33331\" stroke=\"var(--color-sem-icon-primary-default)\" stroke-width=\"1.33333\" stroke-linecap=\"round\" stroke-linejoin=\"round\"><\/path><\/g><defs><clippath id=\"clip0_209_94274\"><rect width=\"16\" height=\"16\" fill=\"white\"><\/rect><\/clippath><\/defs><\/svg><\/span><span class=\"ImageEmbed_caption-title__FSINC\">Hackers have been flooding apps with malicious adverts (file photo)<\/span><span class=\"ImageEmbed_caption-credit__uNiU6\">(Image: Getty Images)<\/span><\/figcaption><\/div>\n<p><\/button><\/div>\n<p class=\"Paragraph_paragraph-text__PVKlh \" data-tmdatatrack=\"content-unit\" data-tmdatatrack-type=\"paragraph\" publication=\"mirror\">Security specialists from the team revealed: \u201cHUMAN\u2019s Satori Threat Intelligence and Research Team has uncovered and disrupted a sophisticated ad fraud and click fraud operation dubbed SlopAds. The threat actors behind SlopAds operate a collection of 224 apps and growing, collectively downloaded from Google Play more than 38 million times across 228 countries and territories.<\/p>\n<p class=\"Paragraph_paragraph-text__PVKlh \" data-tmdatatrack=\"content-unit\" data-tmdatatrack-type=\"paragraph\" publication=\"mirror\">\u201cThese apps deliver their fraud payload using steganography and create hidden WebViews to navigate to threat actor-owned cashout sites, generating fraudulent ad impressions and clicks. The threat actors\u2019 infrastructure and many of the apps share an AI theme, contributing to the name of the operation.\u201d<\/p>\n<p class=\"Paragraph_paragraph-text__PVKlh \" data-tmdatatrack=\"content-unit\" data-tmdatatrack-type=\"paragraph\" publication=\"mirror\">It\u2019s crucial to highlight that Google has successfully eliminated all of the problematic apps, ensuring that no fresh users will fall victim to ad fraud. Those concerned about having downloaded one of the applications containing the SlopsAds bug have been told that all those affected will receive an alert encouraging them to remove the apps, reports <a class=\"TextLink_text-link__dBSS0 TextLink_enabled__dJF3l\" href=\"https:\/\/www.dailyrecord.co.uk\/news\/science-technology\/hundreds-android-apps-infested-cyber-35948361\" target=\"_self\" aria-label=\"\" tabindex=\"0\">the Daily Record<\/a>.<\/p>\n<p class=\"Paragraph_paragraph-text__PVKlh \" data-tmdatatrack=\"content-unit\" data-tmdatatrack-type=\"paragraph\" publication=\"mirror\">To safeguard against future attacks, all Android users are being advised to ensure Google\u2019s Play Protect feature within the app store remains activated. This mechanism will alert users to potentially corrupt applications before installation, while also blocking any subsequent apps that have demonstrated behavior linked to SlopAds.<\/p>\n<p class=\"Paragraph_paragraph-text__PVKlh \" data-tmdatatrack=\"content-unit\" data-tmdatatrack-type=\"paragraph\" publication=\"mirror\">Ad fraud does not merely harm device users, but also legitimate advertisers and developers as hackers deceive the network into allowing their infected advertisements. Google added: \u201cAd interactions generated for the purpose of tricking an ad network into believing traffic is from authentic user interest is ad fraud, which is a form of invalid traffic.<\/p>\n<p class=\"Paragraph_paragraph-text__PVKlh \" data-tmdatatrack=\"content-unit\" data-tmdatatrack-type=\"paragraph\" publication=\"mirror\">\u201cAd fraud may be the byproduct of developers implementing ads in disallowed ways, such as showing hidden ads, automatically clicking ads, altering or modifying information and otherwise leveraging non-human actions (spiders, bots, etc.) or human activity designed to produce invalid ad traffic. Invalid traffic and ad fraud is harmful to advertisers, developers, and users, and leads to long-term loss of trust in the mobile Ads ecosystem.\u201d<\/p>\n<p class=\"Paragraph_paragraph-text__PVKlh \" data-tmdatatrack=\"content-unit\" data-tmdatatrack-type=\"paragraph\" publication=\"mirror\">Android users are being advised to act swiftly and delete any apps flagged as infected to safeguard their devices.<\/p>\n<\/div>\n<p><a href=\"https:\/\/www.mirror.co.uk\/tech\/android-users-told-delete-apps-36312684\">Source link <\/a><\/div>\n","protected":false},"excerpt":{"rendered":"<div>\n<p><img decoding=\"async\" width=\"1200\" height=\"630\" src=\"http:\/\/hamed.nwar.uk\/w\/wp-content\/uploads\/2025\/11\/1764262781_0_In-this-photo-illustration-the-Android-logo-seen-displayed.jpg\" class=\"attachment-post-thumbnail size-post-thumbnail wp-post-image\" alt=\"\" loading=\"lazy\"><\/p>\n<p>Hundreds of Android apps infected with SlopAds ad fraud malware have been removed from the Google Play store after they were downloaded over 38 million times \u2013 with users being warned to delete them Eilidh Farquhar Trainee Affiliate Writer, Benedict Tetzlaff-Deas News Reporter and David Snelling 19:49, 26 Nov 2025 Android users have been warned [\u2026]<\/p><\/div>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1],"tags":[24400],"class_list":["post-342227","post","type-post","status-publish","format-standard","hentry","category-1","tag-fuck-my-wife"],"amp_enabled":true,"_links":{"self":[{"href":"https:\/\/hameed.nwar.uk\/sa\/wp-json\/wp\/v2\/posts\/342227","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/hameed.nwar.uk\/sa\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/hameed.nwar.uk\/sa\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/hameed.nwar.uk\/sa\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/hameed.nwar.uk\/sa\/wp-json\/wp\/v2\/comments?post=342227"}],"version-history":[{"count":0,"href":"https:\/\/hameed.nwar.uk\/sa\/wp-json\/wp\/v2\/posts\/342227\/revisions"}],"wp:attachment":[{"href":"https:\/\/hameed.nwar.uk\/sa\/wp-json\/wp\/v2\/media?parent=342227"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/hameed.nwar.uk\/sa\/wp-json\/wp\/v2\/categories?post=342227"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/hameed.nwar.uk\/sa\/wp-json\/wp\/v2\/tags?post=342227"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}