Android Apps With Millions of Downloads on Google Play Contain Adware: Avast
Advertisement
By Ketan Pratap | Updated: 4 February 2015 11:32 IST
Avast, the antivirus software company, on Tuesday reported about new
malware (specifically adware) in some popular Android apps that were
available to download from the Google Play. Avast's Filip Chytry in a
blog post has named a few of such apps which include Durak card game, an
IQ test and Russian History app, all of which saw millions of
downloads.
Fortunately, soon after the report discovering adware in
these apps surfaced Google suspended the apps and the listings from
Google Play were pulled down.
Notably, apps display ads hidden as
warning messages to users when they unlocked their Android smartphones.
The matter was first noticed and reported by a user on Avast Forum who also uploaded a video
showing how the malicious apps worked on an Android smartphone.
The
user wrote, "I've found a dozen of apps in Google Play with same
malicious ad SDK integrated. Each time you unlock your device the app
will open ad url in background or show interstitial ad over the screen."
"By
some reason Avast Mobile Security doesn't treat these apps as
suspicious or dangerous, although it is rather easy to detect apps with
this ad SDK, they have same components declared in manifest," he added.
The
antivirus software maker in its blog post was also quick to point out
that Avast Mobile Premium detects such apps that display such ads.
TechCrunch points out
that Avast is analysing more apps, apart from the three named above,
for similar malicious behaviour in the hopes to find other popular apps
with similar adware.
Chytry adds that when he first saw the user
report, he didn't think much it, but then discovered that the apps
reported were "a bit bigger" than he initially thought. "First of all,
the apps are on Google Play, meaning that they have a huge target
audience - in English speaking and other language regions as well.
Second, the apps were already downloaded by millions of users and third,
I was surprised that the adware lead to some legitimate companies," he
noted.
According to Avast, the malicious apps remain composed until
the device has been restarted. After a week once the device has been
restarted once, users start receiving pop up warning messages about
"your device is infected, out of date or full of porn."
Chytry
adds, "Some of the apps wait up to 30 days until they show their true
colours. After 30 days, I guess not many people would know which app is
causing abnormal behaviour on their phone." The popup warning messages
that come up each time a user unlocks the device are just hoax messages
and are meant to redirect the user to "harmful threats on fake pages."
"If
you approve you get re-directed to harmful threats on fake pages, like
dubious app stores and apps that attempt to send premium SMS behind your
back or to apps that simply collect too much of your data for comfort
while offering you no additional value," the post adds.
Another
concern raised by Avast's Filip Chytry is that in some cases users are
directed to other security and antivirus apps available on Google Play,
which might mean that developers or companies are promoting their apps
via adware.
Unfortunately, even after installing the security apps from Google Play, the malicious messages keep popping up.
"Even
if you install the security apps, the undesirable ads popping up on
your phone don't stop. This kind of threat can be considered good social
engineering," adds Avast.
This is not the first time Android apps
have been discovered with malicious behaviour. In the past, reports
have pointed out that 99 out of every 100 mobile devices fall prey to
mobile malware are Android devices. Last year, a top paid app on Google Play store
was uncovered as fake.
Users are recommended to use caution
when downloading apps, even from the Google Play store, by reading
reviews thoroughly and trying to choose trusted developers.
Android 16 QPR1 Beta 1.1 With Bug Fixes Rolling Out for Pixel Devices: All Details5 June 2025
Search
