Another day, another batch of bad apps in Google Play.
Researchers at security firm Trend Micro have discovered dozens of apps, including popular utilities and games, to serve a ton of deceptively displayed ads — including full-screen ads, hidden ads and running in the background to squeeze as much money out of unsuspecting Android users.
In all, the researchers found 85 apps pushing adware, totaling at least 9 million affected users.
One app — a universal TV remote app for Android — had more than five million users alone, despite a rash of negative reviews and complaints that ads were “hidden in the background.” Other users said that there were “so many ads, [they] can’t even use it.”
The researchers tested each app and found that most shared the same or similar code, and often the apps were similarly named. At every turn, tap or click, the app would display an ad, they found. In doing so, the app generates money for the app maker.
Adware-fueled apps might not seem as other apps packed with malware or hidden functionality, such as apps that pull malicious payloads from another server after the app is installed. At scale, that can amount to thousands of fraudulent ad dollars each week. Some ads also have a tendency to be malicious, containing hidden code that tries to trick users into installing malware on their phones or computers.
Some of the affected apps include: A/C Air Conditioner Remote, Police Chase Extreme City 3D Game, Easy Universal TV Remote, Garage Door Remote Control, Prado Parking City 3D Game, and more. (You can find a full list of apps here.)
Google told TechCrunch that it had removed the apps, but a spokesperson did not comment further.
We tried reaching out to the universal TV remote app creator but the registered email on the since-removed Google Play store points to a domain that no longer exists.
Despite Google’s best efforts in scanning apps before they’re accepted into Google Play, malicious apps are one of the biggest and most common threats to Android users. Google pulled more than 700,000 malicious apps from Google Play in the past year alone, and has tried to improve its back-end to prevent malicious apps from getting into the store in the first place.
Yet the search and mobile giant continues to battle rogue and malicious apps, pulling at least 13 malicious apps in sweep in November alone.
techcrunch.com