A number of Android apps available through the Google Play Store have been spamming ads and draining batteries. While apps on any mobile platform can potentially be dangerous, the Android platform has in particular been susceptible to bad apps. This is only the latest instance of dangerous apps coming to light.
Android is far more of an open platform compared to iOS and covers a range of different devices with the ability to reach billions of users worldwide. This more open nature, coupled with a greater number of free apps, often makes the Google Play Store a more attractive proposition to app developers – especially ones who might be looking to sneak additional code in. That’s what now seems to be the case with these latest apps.
In a new blog posting, Bitdefender researchers confirmed they have identified 17 different Android apps that appeared to be exhibiting unwanted and malware-like behavior. The researchers did not find any specific malicious features within the apps, but did say they seemed to be designed to aggressively deliver ads. More concerning, it was the way the apps behaved after installation that has likened them to more dangerous apps. For example, once installed, the apps would hold off before hiding themselves in the system and spamming the user with ads. These behaviors, the researchers suggest, are purposely designed to circumvent Google’s Play Store vetting procedures.
The main concern here is not what the apps were doing but how they found a way to circumvent Google’s vetting. This is especially true considering all 17 apps were found to be doing the same thing. While it stands to reason these apps would have likely come from a single source or group, they were listed by different developers. In addition, they targeted different types of users with apps ranging from a racing game, to wallpaper and QR reader apps, to a weather app. While different, all would exhibit the same features and the waiting to hide or start delivering ads were only two of the malware-like behaviors noted by the researchers. The apps’ code was also split into two parts which the team explains makes it harder for researchers to understand the true nature of the app. Although the most obvious way the apps were able to get through Google’s security and onto the Play Store was to do exactly what they promised they would. For example, in the case of the racing game the app let you play the game it advertised.
Again, while these particular apps were not found to be doing anything dangerous beyond spamming ads, reviews of older versions spotted by the research team suggest more menacing behaviors. In some cases this involved the revealing of user information and unnecessarily depleting the battery. In total, these 17 apps were found to have been downloaded more than 500,000 times before Google was alerted and the apps were removed. It’s a reminder that these apps did not just make their way onto the Google Play Store, but also users devices. It’s also a reminder to be aware of what apps you currently have installed on your Android device – especially if it’s acting weird.
More: How To Stop iPhone 11 From Tracking Your Location