Malware

Google removes a set of 21 malicious apps from the Play Store

Google has removed 21 malicious apps from the official Play Store because they were found to serve intrusive and annoying ads.

Google has removed 21 new malicious apps from the official Play Store because they were found displaying intrusive ads.

The following malicious apps were spotted by researchers from cybersecurity firm Avast:

Shoot Them

Crush Car

Rolling Scroll

Helicopter Attack – NEW

Assassin Legend – 2020 NEW

Helicopter Shoot

Rugby Pass

Flying Skateboard

Iron it

Shooting Run

Plant Monster

Find Hidden

Find 5 Differences – 2020 NEW

Rotate Shape

Jump Jump

Find the Differences – Puzzle Game

Sway Man

Money Destroyer

Desert Against

Cream Trip – NEW

Props Rescue

The Android apps reported in the above table were downloaded nearly eight million times by Android users.

“the apps in question are 21 gaming apps that come packed with hidden adware that is part of the HiddenAds family. According to SensorTower, a mobile apps marketing intelligence and insights company, the apps have been downloaded approximately eight million times thus far.” reads the post published by Avast.

The tainted gaming apps are bundled with HiddenAds malware, which is known to be an adware that serves intrusive ads outside of the app.

Threat actors behind these malicious apps advertised them on social media channels to lure users into downloading them.

“Developers of adware are increasingly using social media channels, like regular marketers would,” Jakub Vávra, Threat Analyst at Avast, says. “This time, users reported they were targeted with ads promoting the games on YouTube. In September, we saw adware spread via TikTok. The popularity of these social networks make them an attractive advertising platform, also for cybercriminals, to target a younger audience,”

Upon installing the malicious apps, they hide their icons to prevent deletion and they also hide behind relevant-looking advertisements, making them hard to identify.

The apps also have the ability to draw over other apps to show timed ads that users cannot skip. Experts also reported that in some cases the malware uses the browser to bombard the users with annoying ads.

Fortunately, the apps do not implement rootkit capabilities and users can uninstall them from the app manager features of the device.

It is not the first time that AVAST discovers tainted applications in the official Play Store. In July, the researchers from AVAST discovered a currency converter application in the Google Play store that was downloaded by more than 10,000 users and that was designed to deliver the Cerberus banking Trojan.

[adrotate banner=”9″]

[adrotate banner=”12″]

Pierluigi Paganini

(SecurityAffairs – hacking, Google Play Store)

[adrotate banner=”5″]

[adrotate banner=”13″]

Pierluigi Paganini

Pierluigi Paganini is member of the ENISA (European Union Agency for Network and Information Security) Threat Landscape Stakeholder Group and Cyber G7 Group, he is also a Security Evangelist, Security Analyst and Freelance Writer. Editor-in-Chief at "Cyber Defense Magazine", Pierluigi is a cyber security expert with over 20 years experience in the field, he is Certified Ethical Hacker at EC Council in London. The passion for writing and a strong belief that security is founded on sharing and awareness led Pierluigi to find the security blog "Security Affairs" recently named a Top National Security Resource for US. Pierluigi is a member of the "The Hacker News" team and he is a writer for some major publications in the field such as Cyber War Zone, ICTTF, Infosec Island, Infosec Institute, The Hacker News Magazine and for many other Security magazines. Author of the Books "The Deep Dark Web" and “Digital Virtual Currency and Bitcoin”.