Three Apps Pulled From Google Play After Infecting Millions Of Devices With Adware

Google has removed three apps from its Google Play store after they were found to be infected with adware that had already been downloaded millions of times.

Card game app Durak was the most downloaded of the malicious apps with 10 million installations, Google Play has revealed.

The dormant threat

Like the other infect apps, it functioned normally when installed – seemingly only affecting the device at least a couple of hours after you next reboot it. In some cases, the adware takes up to a month to reveal itself.

In a blogpost, Filip Chytry, mobile malware analyst at security firm Avast, wrote: “Each time you unlock your device an ad is presented to you, warning you about a problem, e.g. that your device is infected, out of date or full of porn. This, of course, is a complete lie. You are then asked to take action. However, if you approve you get re-directed to harmful threats on fake pages, like dubious app stores and apps that attempt to send premium SMS behind your back or to apps that simply collect too much of your data for comfort while offering you no additional value.”

Bizarrely, some users of the infected apps were directed to harmless security apps on Google Play. “But even if you install the security apps, the undesirable ads popping up on your phone don‘t stop,” Chytry commented. “This kind of threat can be considered good social engineering. Most people won‘t be able to find the source of the problem and will face fake ads each time they unlock their device. I believe that most people will trust that there is a problem that can be solved with one of the apps advertised ‘solutions’ and will follow the recommended steps, which may lead to an investment into unwanted apps from untrusted sources.”

Google’s developer content policy forbids adverts through system-level notifications unless it is an integral feature of an app. But, in this instance, the malicious adverts were being delivered by three legitimate third-party ad networks.

Google today confirmed it has so far removed three infected apps from its Play store, including Durak, along with an IQ test app and Russian history app both aimed at Russian-language users.

How much do you know about IT security? Take our quiz!

Duncan Macrae

Duncan MacRae is former editor and now a contributor to TechWeekEurope. He previously edited Computer Business Review's print/digital magazines and CBR Online, as well as Arabian Computer News in the UAE.

Recent Posts

Boeing Starliner Launches Successfully, On Route To International Space Station

Boeing's crewless space taxi, CST-100 Starliner, one step closer to NASA certification, as it enters…

2 days ago

Apple Accused By Union Of Staff Law Violations At NY Store

Staff at Apple's World Trade Centre store in New York are allegedly being questioned and…

2 days ago

Canada To Join Five Eyes 5G Ban On Huawei/ZTE

Making it official. Canada is to turn its unofficial ban on 5G kit from Huawei…

2 days ago

Twitter To Hide Tweets That Share False Information During A Crisis

Potentially risking Elon's wrath over free speech, Twitter says it will hide tweets spreading misinformation…

3 days ago

Boeing Starliner Test Flight Readied For Tonight

Third time the charm? Main rival to SpaceX's Dragon capsule, the embattled Boeing Starliner spacecraft,…

3 days ago

September 13 Slated For iPhone 14 Launch – Report

No surprise there. Apple is slated to launch the iPhone 14 on 13 September according…

3 days ago