Google Removes 36 Fake Android Security Apps Packed with Adware

LASER_oneXM

Level 37
Thread author
Verified
Top Poster
Well-known
Feb 4, 2016
2,520
Google has removed 36 Android apps that snuck into the official Play Store, posing as security and performance boosting apps, but which only contained code to mimic the behavior of such apps.

In reality, these applications contained code that focused on showing fake security alerts, displaying intrusive ads, and secretly collecting troves of personal data.

The existence of these apps came to light today, after Trend Micro researcher Lorin Wu published a report about their abusive behavior.

Wu says he spotted the apps in December and worked with Google to remove them from the Play Store.

Malicious apps spammed users with fake security alerts
The researcher says the apps were empty shells. They showed fake alerts in the notifications bar, that when opened would show a misleading animation meant to trick users into thinking the app was fixing the security issue or some sort of performance snag.

But according to Wu, the apps were downloading and showing intrusive ads whenever the user clicked on these notifications.

Hence, the reason why the malicious apps tended to show alerts at regular intervals in an attempt to maximize their monetization opportunity and before users realized the apps were more annoying than useful.

Apps also collected user details
Besides the adware behavior, Wu says the apps also collected lots of sensitive information from the devices they were installed on. The breadth of collected info includes OS details, hardware specs, geolocation details, details on other apps, and so on.

Some apps contained a long-winded EULA agreement in which app authors disclosed their intrusive data collection practices, but Wu says the collected data was "unrelated to the functionality of the app."

This may have also been the reason why Google intervened and removed the apps from the Play Store. Wu published a list of all the apps that featured the intrusive behavior.
 

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top