Google removes 85 Android adware apps downloaded by users millions of times

Google removes 85 Android adware apps downloaded by users millions of times
featured image

This article originally appeared in Silicon Angle on January 9, 2019.

The new year has ushered in a new range of Android malware, as Google LLC was forced to remove 85 nefarious apps uncovered Tuesday by security researchers at Trend Micro Inc.

The apps, disguised as 85 game, TV and remote control simulator apps on the Google Play Store, contained a code for a recently discovered adware family known as AndroidOS_HidenAd.

The adware code apparently can display full-screen ads, hiding itself, monitoring a device’s screen unlocking functionality and running in the mobile device’s background.

In total, the apps are believed to have been downloaded about 9 million times, with one single app, “Easy Universal TV Remote,” downloaded more than 5 million times.

Screenshots from the testing of the adware show insidious ad insertion, including full-screen ad overlays that when closed often present even more ads. Typically, the adware would sit in the background of an infected Android device and display a full-screen ad every 15 or 30 minutes regardless of whether the user had the infected app open at a given point of time.

“While the fake apps can be removed manually via the phone’s app uninstall feature, it can be difficult to get there when full-screen ads show up every 15 or 30 minutes or each time a user unlocks the device’s screen,” the researchers wrote.

Mike Bittner, digital security and operations manager at The Media Trust, told SiliconANGLE that adware is not just annoying but can also be risky to users by directing devices to steal information linked to the user’s device and behaviors, downloading unwanted files and redirecting users to malicious sites.

“It is tantamount to a hostile takeover of the user’s browser,” Bittner said. “Once bad actors are able to collect information en masse, they can sell the information on the dark web or parlay that information for targeting activities that enable bad actors to commit identity theft or influence voter behavior.”

Bittner said it’s significant that organizations are working together to eliminate malicious apps from the digital ecosystem. “These types of collaboration are key to combating hackers, who themselves are banding together to develop ever more potent malware for increasingly sophisticated malicious campaigns,” he said.

A full list of the adware-infected apps can be found here.