The Information Highway

The Information Highway

Font size: +
2 minutes reading time (405 words)

Android adware apps on Google Play amass two million installs

Several malicious Google Play Android apps installed over 2 million times push intrusive ads to users while concealing their presence on the infected devices. 

In their latest monthly mobile threat report, Doctor Web's analysts identified trojans on Google Play associated with the 'FakeApp,' 'Joker,' and the 'HiddenAds' malware families.

Of particular interest are the following four adware (HiddenAds) apps disguised as games:

  • Super Skibydi Killer – 1,000,000 downloads
  • Agent Shooter – 500,000 downloads
  • Rainbow Stretch – 50,000 downloads
  • Rubber Punch 3D – 500,000 downloads
HiddenAds game app on Google Play (Dr. Web)

Dr. Web explains that once victims install these apps on their devices, they hide by replacing their icons with that of Google Chrome or using a transparent icon image to create empty space in the app drawer.

These apps run stealthily in the background upon launch, abusing the browser to launch ads and generate revenue for their operators.

The analysts also discovered several apps belonging to the FakeApp family, which direct users to investment scam sites.

In other cases, Dr. Web spotted game apps that loaded dubious online casino websites in violation of Google Play policies.

Some notable examples of those are:

  • Eternal Maze (Yana Pospyelova) – 50,000 downloads
  • Jungle Jewels (Vaibhav Wable) – 10,000 downloads
  • Stellar Secrets (Pepperstocks) – 10,000 downloads
  • Fire Fruits (Sandr Sevill) – 10,000 downloads
  • Cowboy's Frontier (Precipice Game Studios) – 10,000 downloads
  • Enchanted Elixir (Acomadyi) – 10,000 downloads
Fake app taking users to casino sites (Dr. Web)

Finally, the antivirus team spotted two Joker family apps on Google Play, which subscribe users to premium paid services:

  • Love Emoji Messenger (Korsinka Vimoipan) – 50,000 downloads
  • Beauty Wallpaper HD (fm0989184) – 1,000 downloads

All the apps presented in this report have been removed from Google Play by the time of writing.

Still, users who might have installed them in the past must delete them immediately and perform a complete device scan using Play Protect and a mobile antivirus tool.

Dr. Web has also published a list of hashes for all malicious Android apps its analysts discovered last month on GitHub.

To avoid downloading malicious software from Google Play, minimize the apps you install to the minimum required, carefully read user reviews, and perform checks to ensure the publisher is trustworthy. 

Microsoft: Octo Tempest is one of the most dangero...
StripedFly malware framework infects 1 million Win...

Related Posts

 

Comments

No comments made yet. Be the first to submit a comment
Thursday, 19 December 2024

Captcha Image

Top Breaches Of 2023

Customers Affected In T-Mobile Breach
Accounts Affected In MOVEit Breach
Customers Affected In MCNA Insurance Data Breach
Individuals Affected In PharMerica Data Breach
Users Affected In ChatGPT Major Data Breach
*Founder Shield End of Year 2023