Published on October 2, 2024
Vincent Paquette
Cybersecurity researchers are warning owners of Android phones and tablets about malware. MobiDash as it is called, is an advertising “malware” that spreads on the web and social networks. With more than a hundred different variants, this “adware” wants to bombard our device with advertisements and unwanted announcements.
The Android world has its good sides, but also its bad sides…
The freedom of being able to do what you want with your device is something prized by some users.
However, with this freedom comes the risk of downloading a malicious file or software.
We have new proof of this with the MobiDash malware.
What is MobiDash malware?
It was cybersecurity researchers from the firm ThreatDown who detected the spread of MobiDash on the web and social networks.
At its core, MobiDash is what we call an SDK. That is, a software development kit.
It is a set of tools, libraries and documentation that help developers create applications for a specific platform. In this case: Android.
Without going into technical details, an SDK file can be integrated into a legitimate application and then create a malicious version of it.
The malicious application is then shared in the form of an APK file which is a file allowing you to download an application to an Android device.
The fact remains that MobiDash targets legitimate applications, it creates false versions, then these false versions are shared on the web and social networks.
How exactly does MobiDash spread?
ThreatDown explains that MobiDash is spread via phishing emails, links in social media posts as well as porn sites.
Phishing and fraud attempts: how to recognize them and protect yourself
To trick us, the hackers behind MobiDash use a redirect chain.
That is to say, we click on a link thinking that it will take us to a destination A, but in fact we are constantly redirected from one site to another until we end up downloading the famous MobiDash APK file.
What are the dangers of MobiDash adware?
Once in our Android phone or tablet, MobiDash will act like a Trojan Horse. This means that it will wait a few days before activating.
Once awake, it begins to bombard our device with advertisements, making its use downright hellish.
This is why we speak of malicious advertising software or in English “adware”.
How to get rid of ads that keep popping up on mobile?
However, as ThreatDown explains, it is far from easy to remove.
The MobiDash SDK is attached to a legitimate APK which will continue to work as expected, the victim may wonder where the ads are coming from and will not know which app to uninstall.
How to protect yourself and avoid installing MobiDash?
We often remind you, but we must always install our applications via a reliable store such as the Google Play Store or the Samsung Galaxy Store.
Downloading an APK file exposes yourself to risks. Especially from a shady website or social media ad.
However, what is sneaky in the case of MobiDash is the aspect of the redirection chain.
One might think of clicking on a link to read a news story or buy a product, then being redirected to installing the APK file containing MobiDash.
So how can we avoid falling into the trap against our will?
The best way is to get a good mobile antivirus.
The latter will detect malicious sites as well as the installation of files containing a virus, then block them.
So, if we click on a link that takes us into a redirection chain, our antivirus will block the final destination and prevent the download of the corrupted file.
Our recommendations for the best mobile antiviruses
