It seems like there is no end to these stories. Every so often we’re reporting that more malicious apps have been found on Google Play. At some point it seems Google should get better at weeding those out.
Yet, here’s another story. Eighty-five Android apps were downloaded a total of 8 million times from Google Play. These photography and gaming apps flooded users with spam.
More Malicous Apps at Google Play
Google has now removed the apps, but not until after being download 8 million times and proving to be just adware disguised as photography and gaming apps.
Ecular Xu, a Trend Micro mobile threat response engineer, said the apps posed as photography utilities and games, enticing Android users to download them. Once downloaded to the phones, they pushed a non-stop flow of apps that were so difficult to close that it made it difficult to use the phones normally.
These applications included Magic Camera, Make Magical Photos, Blur Photo Editor, Background Replacement, Find the Difference: Smart Detective, and Color House2019.
Trend Micro detected that these apps served adware identified as AndroidOS_Hidenad.HRXH and noted to not be typical code.
After the apps were launched, two timesteps were recorded, both the current time and time it was installed, and it “would then register a Broadcast Receiver that allows Android apps to send or receive system and app events,” according to ZDnet.
When a device with these downloaded apps is unlocked, the timestamps are checked to see if it has been over thirty minutes since the install so that it can avoid sandboxing and analysis. If it’s been more than thirty minutes, a home screen shortcut is created, and the icon is hidden so that it can’t be easily uninstalled.
Whenever the device is unlocked again, ads are displayed. The timechecks are still at work to be sure the same ad doesn’t display too often. Additionally, these ads are shown fullscreen, forcing the user to watch it before being able to exit.
Downloader Beware
Be aware that according to Trend Micro’s research, more than half of the fraudulent mobile apps fall into the categories of “Games” and “Tools and Utilities.” And, of course, that’s not just adware – that also includes malware, spyware, and stalkerware.
Once they are reported and/or discovered, they are removed from the Google Play Store, but it seems like there must be something more they can do to prevent that from happening continuously.
What do you think Google can do to clean up this problem in the Google Play Store? Have you been affected by annoying Android adware apps? Tell us your thoughts and experiences in the comments below.
