Google removes a set of 21 malicious apps from the Play Store

Pierluigi Paganini October 27, 2020

Google has removed 21 malicious apps from the official Play Store because they were found to serve intrusive and annoying ads.

Google has removed 21 new malicious apps from the official Play Store because they were found displaying intrusive ads.

The following malicious apps were spotted by researchers from cybersecurity firm Avast:

Shoot Them
Crush Car
Rolling Scroll
Helicopter Attack – NEW
Assassin Legend – 2020 NEW
Helicopter Shoot
Rugby Pass
Flying Skateboard
Iron it
Shooting Run
Plant Monster
Find Hidden
Find 5 Differences – 2020 NEW
Rotate Shape
Jump Jump
Find the Differences – Puzzle Game
Sway Man
Money Destroyer
Desert Against
Cream Trip – NEW
Props Rescue

The Android apps reported in the above table were downloaded nearly eight million times by Android users.

“the apps in question are 21 gaming apps that come packed with hidden adware that is part of the HiddenAds family. According to SensorTower, a mobile apps marketing intelligence and insights company, the apps have been downloaded approximately eight million times thus far.” reads the post published by Avast.

The tainted gaming apps are bundled with HiddenAds malware, which is known to be an adware that serves intrusive ads outside of the app.

Threat actors behind these malicious apps advertised them on social media channels to lure users into downloading them.

“Developers of adware are increasingly using social media channels, like regular marketers would,” Jakub Vávra, Threat Analyst at Avast, says. “This time, users reported they were targeted with ads promoting the games on YouTube. In September, we saw adware spread via TikTok. The popularity of these social networks make them an attractive advertising platform, also for cybercriminals, to target a younger audience,”

Upon installing the malicious apps, they hide their icons to prevent deletion and they also hide behind relevant-looking advertisements, making them hard to identify. 

The apps also have the ability to draw over other apps to show timed ads that users cannot skip. Experts also reported that in some cases the malware uses the browser to bombard the users with annoying ads.

Fortunately, the apps do not implement rootkit capabilities and users can uninstall them from the app manager features of the device.

It is not the first time that AVAST discovers tainted applications in the official Play Store. In July, the researchers from AVAST discovered a currency converter application in the Google Play store that was downloaded by more than 10,000 users and that was designed to deliver the Cerberus banking Trojan.

[adrotate banner=”9″][adrotate banner=”12″]

Pierluigi Paganini

(SecurityAffairs – hacking, Google Play Store)

[adrotate banner=”5″]

[adrotate banner=”13″]

you might also like

leave a comment