Google needs to up its game in combating malicious apps on the Play Store based on Avast’s latest findings. The security vendor discovered, with the help of Apklab.io, that 47 gaming apps on Google Play contained adware, and some of them are still available to download.
Of the 47 identified malicious apps, 17 are thought to still be live as Google continues to investigate Avast’s claims. In total, these apps have been downloaded over 15 million times, putting millions of Android users and their devices at risk. The adware takes the form of a Trojan disguised as a legitimate app, in this case a game, and then starts popping up intrusive ads on the infected device. Avast says this particular trojan forms part of the HiddenAds family of adware.
According to Jakub Vávra, threat analyst at Avast, it’s difficult to spot these malicious apps because of the way they work, “Campaigns like HiddenAds may slip into the Play Store by obfuscating their true purpose or slowly introducing malicious features once already downloaded by users. It’s difficult to prevent adware campaigns since actors use one-off developer accounts for each app. While Google has been a great partner to remove malicious apps, users need to remain vigilant.”
It’s likely you’ll know when one of these apps is installed due to the intrusive ads appearing on your device. However, spotting them before download can be difficult because they look like a legitimate app. Avast advises users to check the reviews for any app you are unsure about as the majority wukk be negative. Also, check the developer as typically they have only ever released one app.
According to Avast, the most downloaded apps containing the HiddenAds adware are:
