Adware-laced apps infect 9 million Google Play Store users

In the latest round of bad apps hunting, cybersecurity company Trend Micro has sniffed out 85 apps disguised as adware in the Google Play Store.

The report states that the 85 malicious apps – disguised as games and tools – unknowingly serves ads to users who install them. In total, the apps have been downloaded over nine million times.

The attack vector is also diverse: these apps can hide and run in the background on infected machines. Some can also monitor and alter device behaviour.

Some apps stand out due to their high download count. The fake app “Easy Universal Remote” garnered over five million downloads before it was removed. Before its suspension, it had a score of 3.9, and its review section was populated with complaints from users. The complaints ranged from the app not functioning as intended to hiding ads in the background.

Source: Trend Micro
Source: Trend Micro

After examining the behaviour of the 85 fake apps, Trend Micro concluded that they’re of the same family despite originating from different makers. They exhibit similar behaviours and often share the same code.

Many of the apps follow a strict formula. It first tricks the user into pressing fake call-to-action buttons that launch full-screen ads, then hide themselves and the app icon, preventing the user from shutting it down, making uninstalling difficult. The hidden apps then deliver a full-screen ad every 15-30 minutes.

An example of the fullscreen ads. Source: Trend Micro

Some other fake apps detect when the user unlocks the screen and serves an ad immediately after, increasing the ad’s chances to engage with the user.

After the report was released, Google removed all 85 apps from its Play Store.

A good way to prevent falling victim to similar attacks in the future is to always read user reviews in the comment section. Also, do research on the publisher and only download from established developers. In addition, tell tale signs of a bad app include unpolished user interfaces, typos, and obscure names.

Would you recommend this article?

Share

Thanks for taking the time to let us know what you think of this article!
We'd love to hear your opinion about this or any other story you read in our publication. Click this link to send me a note →

Jim Love, Chief Content Officer, IT World Canada
Tom Li
Tom Li
Telecommunication and consumer hardware are Tom's main beats at IT Business. He loves to talk about Canada's network infrastructure, semiconductor products, and of course, anything hot and new in the consumer technology space. You'll also occasionally see his name appended to articles on cloud, security, and SaaS-related news. If you're ever up for a lengthy discussion about the nuances of each of the above sectors or have an upcoming product that people will love, feel free to drop him a line at tli@itwc.ca.

Related Tech News

Get ITBusiness Delivered

Our experienced team of journalists brings you engaging content targeted to IT professionals and line-of-business executives delivered directly to your inbox.