Jump to content

Thousands of Infected Android Apps Found on Google Play Store


steven36

Recommended Posts

Apps already removed by Google, Avast says

 

https://s7d6.turboimg.net/sp/cfd1fe894293676e233390198e42c672/9531639.png

 

Some of the apps had several reviews revealing their malicious activity

 

Security company Avast discovered no less than 26 apps on the Google Play Store that included adware forcing ads on compromised systems, using special behavior to make it harder for users to remove the infection.

The apps were based on the Cordova development framework and used various developer names, most likely in an attempt to avoid having all of them removed at once by Google. They were published in a wide variety of categories, like cryptocurrency related, currency converters, weather, and fitness. Many recorded several thousand downloads.

Once downloaded on an Android device and launched for the first time, the apps removed their icons from the home screen, probably to make it more difficult for users to remove then, but also to make it harder to figure out which app was pushing the malicious behavior.

Ads on the lock screen

They started showing ads, even on the home and lock screens, while also collecting information like unique identifier, app package name, and Android OS version. All information was sent to a remote server, and in some instances, Avast says that apps also waited for links from a second remote server, most likely to download additional apps.

“Based on the information the apps send back to the server, we don’t think this information was being used to spy on the user, but rather to confirm the phone’s had the right configuration to send payloads to, or to make sure ads could be displayed properly,” Avast says.

Many of the apps that were downloaded following the adware infection have relevant reviews posted by users whose devices were compromised and were forced to install additional payloads. Additionally, there were also 5-star reviews on some occasions, but Avast says these reviews were most likely fake.

Google has already removed all these apps from the Google Play Store, and users who want to uninstall these apps need to do it from the Store since the icon on the home screen was already gone.

Source

 

Link to comment
Share on other sites

  • Replies 2
  • Created
  • Last Reply
  • Administrator
Quote

Google has already removed all these apps from the Google Play Store, and users who want to uninstall these apps need to do it from the Store since the icon on the home screen was already gone.

 

I wonder if the Google Play Protect thing that Google has introduced recently would remove them.

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...