0618 GMT October 15, 2019
Nine malware-filled apps that were housed on the Google Play Store ended up being installed by eight million Android users around the world, express.co.uk reported.
One app in particular was downloaded onto more than five million Android devices, ESET security researcher Lukas Stefanko said.
None of the fake Android apps actually have the functionality they promise users.
Instead, the nine Android apps simply bombard users with ads to generate revenue for the app developers.
In a tweet Stefanko said, “Nine fake apps containing #Adware functionality found on Google Play with over eight million installs.
“Unwanted code is hidden in ‘not working’ apps that once launched, hide itself from user's view and display ads.
“All these apps are fake without any promised functionality.”
Stefanko posted a screenshot taken from the Play Store of all affected Android apps which were made by the developer Tools4TV.
Stefanko advised users not to install these apps and to remove the programs from their devices.
The security expert tweeted: “Don't install these apps — they are still on Play Store.
“How to remove them: Settings -> Apps -> [app name from image] -> Uninstall”.
Following Stefanko’s warning the apps from Tools4TV have been removed from the Google Play Store.
The news came hot on the heels of another similar Android alert.
Recently Trend Micro also discovered some 85 fake Android apps on the Google Play Store that were loaded with malware.
One of these malware-filled apps which appeared on the Google Play Store was downloaded more than five million times by Android users.
The fake Android apps discovered on the Google Play Store by security experts Trend Micro were in total downloaded nine million times.
The fake apps disguised themselves on the Google Play Store as games, TV or remote control simulator apps.
Trend Micro noted that there were multiple complaints about the Android app in the comments section of the Google Play Store.
One review said, “An ad within 30 seconds of opening the app, and ya’ll got some nerve to ask me for a five star review, moments after opening the app.”
Describing how the adware in the affected apps worked, Trend Micro said, “We tested each of the fake apps related to the adware family and discovered that though they come from different makers and have different APK cert public keys, they exhibit similar behaviors and share the same code.
“After the adware is downloaded and launched on a mobile device, a full-screen ad initially pops up.
“Upon closing the first ad, call to action buttons such as 'start', 'open app', or 'next', as well as a banner ad will appear on the mobile device’s screen.
“Tapping on the call to action button brings up another full-screen ad.
“After the user exits the full-screen ad, more buttons that provide app-related options for users appear on the screen.
“It also prompts the user to give the app a five-star rating on Google Play.
“If the user clicks on any of the buttons, a full-screen ad will pop up again.”
The apps highlighted by Trend Micro have since been removed from the Google Play Store.