Researchers have discovered many malicious gaming apps on Google Play that come loaded with adware, indicating that the tech giant continues to struggle with keeping bad apps off its online marketplace.
Android apps packed with malware from the HiddenAds family were downloaded 8m times from the online marketplace.
21 gaming apps discovered on Google, packed with adware from the HiddenAds family, have been downloaded about 8m times so far, states new research from Avast, which quoted statistics from Sensor Tower on the number of downloads.
The apps pretend to be a fun or useful application but actually “exist to serve up intrusive ads outside the app,” according to a blog post published this week by Emma McGowan, a Senior Writer at Avast. In the instances observed by the team, the apps entice users by promising them the ability to virtually “let your car fly across the road, trees, hills,” to shoot criminals from a helicopter, or virtually iron their clothes, she wrote.
“The apps also have tactics to avoid detection by users, hiding their icons so they can’t be deleted, and hiding behind relevant-looking advertisements, which makes them hard to identify,” McGowan wrote.
This tactic is similar to one seen in an adware campaign researchers discovered in July, also associated with malicious photo apps on Google Play. The apps would flood Android devices with random ads instead of functioning as advertised. Like the most recent adware campaign, the apps also eluded detection by making their icons disappear from the device home screen soon after they were downloaded.
Users of the apps in the latest campaign reported finding them in ads promoting the games on YouTube, showing an increasing tendency of adware developers to use social-media channels to distribute their malicious wares, “like regular marketers would,” Jakub Vávra, Threat Analyst at Avast, outlined in a statement.
Indeed, the adware found on Google Play is one in a series of recent discoveries of this type of malware on social networks. In Sept., researchers observed adware spread via TikTok, he explained.
“The popularity of these social networks makes them an attractive advertising platform, also for cyber-criminals, to target a younger audience,” Vávra commented.
Among these endeavours are stronger vetting mechanisms, which resulted in more than 790,000 apps that violate Google’s policies for app submission being stopped last year before they were ever published, as well as an alliance with 3 endpoint security firms to help stop malicious apps before they get to Google Play.
Most recently in Sept., Google declared war on so-called stalkerware on its Android app marketplace, announcing a plan to prohibit any apps that can be used to allow someone to surreptitiously track the location or online activity of another person as of Oct. 1.
Despite all of these efforts, Google continues to grapple with Android app security on the marketplace. In Jan., Google said it removed 17,000 Android apps to date from the Play store that have been conduits for the Joker spyware (a.k.a. Bread).
However, in early Sept., the company deleted 6 apps from its Google Play marketplace that were infecting users with Joker and had accounted for nearly 200,000 installs.
Later in the month, researchers revealed that they found more than 300 apps on the Google Play Store breaking basic cryptography code rules, showing how easy it is even for popular and seemingly legitimate apps on the marketplace to create security risks.