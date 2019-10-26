Security researchers have uncovered more malicious apps in the Google Play store, believed to have been downloaded over 8 million times.
Techcrunch reports the findings by ESET researchers about 42 apps containing adware, which serves users with full-screen ads at semi-random intervals.
The researchers warn that the apps mimic Facebook and Google's apps to avoid raising suspicion, while also deleting their own shortcut icons to make them harder to remove.
The app's second function is to send data about the user's device - including if certain apps are installed and if the device allows apps from third-party sources - which signals to attackers that they have an in to install more malicious software on a device.
ESET's security researcher Lukas Stefanko said all the problematic apps they analysed had the same adware functions. He added that the apps would check if an affected device was connected to Google's servers, and if it was being tested by Google Play's security mechanisms for detecting malicious apps, the adware payload will not be triggered. A check by Techcrunch revealed that some of the apps had already racked up anywhere from 500,000 to over 5 million downloads each since being published to the Android app store in July 2018. ESET says a Vietnamese college student may be behind the adware campaign but gave no further details. A Google spokesperson says the offending apps have been removed but did not comment on the issue beyond acknowledging the removal. However, researchers warn that the apps are still available from third-party app stores.
