Google Play is said to have at least 17 apps that are a part of a Trojan family called HiddenAds, if cybersecurity firm Avast is to be believed. The apps are found to be a part of a large HiddenAds campaign that initially targeted users in India and Southeast Asia. Avast researchers discovered that these apps are masked as games but are designed to display intrusive ads and can steal personal information of users. The researchers noticed that the Trojan apps have the ability to hide their icons from the affected devices and show timed ads that can't be skipped.
The team of Avast researchers initially discovered a total of 47 apps belonging to the Trojan family HiddenAds. Google, however, removed 30 of those apps upon receiving the report from the antivirus company.
“Once the user downloads the app, a timer starts within the app. The user is allowed to play the game for a set period of time, after which the timer triggers the hide icon feature of the app,” explained Avast Threat Operations Analyst Jakub Vávra, in a blog post. “Once the icon is hidden, the app starts to display ads throughout the device without needing further actions from the user.”
Some of the Trojan apps discovered by the Avast team are claimed to even open the browser to display intrusive ads to users. Since the apps hide their icon after a certain time limit, their victims aren't able to understand the origin of the ads they see on their devices. Having said that, the Trojan apps can still be uninstalled through the app manager of the device.
The Avast team found that each of the discovered apps has a separate developer listed on Google Play, with a generic email address. “Similarly, the Terms of Service are identical across the discovered apps, likely pointing to an organised campaign by one actor,” Vávra added.
In total, the apps carrying the Trojan HiddenAds have been downloaded more than 1.5 crore times. Some of the most downloaded titles that were live at the time of filing this story includes Skate Board - New, Find Hidden Differences, Spot Hidden Differences, Tony Shoot - NEW, and Stacking Guys.
The researchers found that the HiddenAds campaign through the apps were most prevalent in Brazil, India, and Turkey. However, it spread across other regions as well.
An email sent to Google didn't elicit a response at the time of publishing this story.
Not the first time
This is notably not the first time when Google Play is found to have the apps that have the potential to steal user information. In July last year, Avast detected apps that were installed a combined 1,30,000 times with the nature of stalking users. Bot mitigation company White Ops in its research paper published earlier this month also revealed that Google removed at least 38 apps from its Google Play store that infested Android devices with out-of-context advertisements.
As Vávra mentioned in a statement posted on GamesIndustry.biz that it is indeed difficult for Google to prevent adware campaigns as there are single developers for each app. “Campaigns like HiddenAds may slip into the Play Store through obfuscating their true purpose or slowly introducing malicious features once already downloaded by users,” analyst said.
Steps to stay away from such apps
Avast has advised users to carefully look for the permissions of the app requests before installing them on their devices. It is also important to take some time and read the privacy policy and terms and conditions of the apps being installed. Furthermore, users are recommended to reconsider downloading the app that has received a large number of negative reviews.
In 2020, will WhatsApp get the killer feature that every Indian is waiting for? We discussed this on Orbital, our weekly technology podcast, which you can subscribe to via Apple Podcasts or RSS, download the episode, or just hit the play button below.
For the latest tech news and reviews, follow Gadgets 360 on X, Facebook, WhatsApp, Threads and Google News. For the latest videos on gadgets and tech, subscribe to our YouTube channel. If you want to know everything about top influencers, follow our in-house Who'sThat360 on Instagram and YouTube.