Technology 3 min read

Security Researchers Discover Adware-Infected Android Apps

Canadadude3D /

Canadadude3D /

Android adware has been in the spotlight within the last couple of months.

Back in August, there was “Triout,” which could record not only phone calls but also export phone interactions from a device. Before then, another adware, dubbed Agent Smith, infected over 25 million Android phones.

Now there’s a new threat to Android devices.

The security researchers at Slovak internet security company, ESET, recently found 42 apps in Google Play, which contain adware. According to the researchers, Android users have downloaded these infected apps over 8 million times since their first debut in July 2018.

Since the apps look like any other app, they are challenging to detect. That means you may have downloaded one already.

So how does an adware-infected app affect Android devices?

How the Adware Works in the Background

As said earlier, these apps look like any other app on the Google Play. So, it’s not surprising that users would download them.

However, the apps would start serving full-screen ads a few moments after installation. Furthermore, these ads pop-up at a semi-random interval, said the researchers.

Why can’t users simply uninstall the adware, you ask?

For one, the apps often delete their shortcut icon after installation, making it difficult to remove. Also, adware-infected apps usually mimic the function of regular apps like Gmail and Twitter to distract users from their actual purpose, which also include collecting user data.

According to the researcher, the apps work stealthily to collect and send data about users’ devices to the attackers.

For example, it could check if you installed some specific apps, and if your device allows apps from non-app store sources. Then, the adware uses this information to install more malicious content on a device.

In a statement to the press, one of ESET’s security researchers, Lukas Stefanko said:

“The adware functionality is the same in all the apps we analyzed.”

Again, you have to ask:

How Did the Adware-Infected Apps Evade Google Play’s Security Mechanism?

Well, according to the researchers, the apps checked if an infected device is connected to Google’s servers, and this allowed them to avoid detection. For example, the adware payload would lie dormant when the apps detect Google Play’s security mechanism.

Some of these apps include Video Downloader Master, with over five million downloads already. Then, there’s Tank Classic, Ringtone Maker Pro, and SaveInsta, which each had 500,000 downloads.

The ESET team believes that college students from Vietnam may be responsible for the adware campaign.

Although Google has removed the infected apps, the security researchers warn that many similar ones exist in third-party app stores.

Read More: 24 Trojan-Infected Apps Got Removed From Google Play Store

First AI Web Content Optimization Platform Just for Writers

Found this article interesting?

Let Sumbo Bello know how much you appreciate this article by clicking the heart icon and by sharing this article on social media.

Profile Image

Sumbo Bello

Sumbo Bello is a creative writer who enjoys creating data-driven content for news sites. In his spare time, he plays basketball and listens to Coldplay.

Comments (0)
Most Recent most recent
share Scroll to top

Link Copied Successfully

Sign in

Sign in to access your personalized homepage, follow authors and topics you love, and clap for stories that matter to you.

Sign in with Google Sign in with Facebook

By using our site you agree to our privacy policy.