SimBad was a strain of adware on the Google Play Store, distributed through the RXDroider Software Development Kit. The name "SimBad" was derived from the fact that most of the infected applications were simulator games. The adware was controlled using an instance of the open source framework Parse Server.
SimBad registers for the
|Mobile||T1475||Deliver Malicious App via Authorized App Store|
|Mobile||T1476||Deliver Malicious App via Other Means|
|Mobile||T1472||Generate Fraudulent Advertising Revenue|
|Mobile||T1444||Masquerade as Legitimate Application|
|Mobile||T1508||Suppress Application Icon|