Another day, another batch of Play Store apps found to contain malware.
This time, the 42 adware-infected apps received 8 million downloads in a campaign that lasted more than a year.
ESET, the long-established cybersecurity firm that discovered the adware, said that Google has now removed all of the offending apps, though it added that the software remains available on third-party app stores.
While many apps show ads legitimately, adware is considered a more sinister presence in that it, for example, serves up scam ads, gathers users’ personal information, drains a phone’s battery, and can be annoyingly persistent.
In this case, the malicious software served full-screen ads at random intervals and made it difficult for the user to know which app was responsible for the ads.
It also gathered data from the user’s handset that included device type, OS version, language, number of installed apps, available storage space, battery status, whether the device is rooted and developer mode enabled, and whether Facebook and Facebook Messenger are installed.
The apps were able to remain available on the Play Store for many months because the adware was designed to function in a way that gave it a greater chance of evading detection by Google’s security systems.
The alleged perpetrator
An extensive investigation detailed in its blog post led ESET to conclude the adware is the work of a college student in Vietnam. According to the cybersecurity firm, the developer started out by creating legitimate apps, but later included the adware to boost his income.
“The various stealth and resilience techniques implemented in the adware show us that the culprit was aware of the malicious nature of the added functionality and attempted to keep it hidden,” ESET said.
The most popular of the offending apps was Video Downloader Master, which received 5 million downloads before it was removed from the Play Store. Here are the apps that ESET reported to Google:
If you have any of the above apps on your Android handset or tablet, the advice is to delete them immediately. Some of the apps were also found in Apple’s App Store but contained no adware, ESET said.
Choosing apps
ESET’s discovery is a timely reminder to take care when choosing apps to download to your device. If the app is new or isn’t well known, it’s worth spending a little time researching reviews or looking online for information on the developer.
Malicious apps have always been an issue for the Play Store, though Google said earlier this year that it’s working constantly to improve its abuse detection technologies and machine learning systems to deal with the issue, and employs a team of human reviewers, too.
In further efforts, the Google Play Protect security platform scans 50 billion apps on users’ devices on a daily basis to check the safety of the installed software.
In 2017, Google deleted 700,000 malicious apps from the Play Store, and banned 100,000 developers from submitting new ones.
