Security researchers have detected plenty of Android apps on the Play store that serve ads to unsuspecting victims in order to make money. ESET reportedly found 42 apps on Google Play as belonging to the adware campaign, which had been running since July 2018. Of those, 21 were still available at the time of discovery. The report says that the apps have been downloaded more than 8 million times.
“We reported the apps to the Google security team and they were swiftly removed. However, the apps are still available in third-party app stores,” said the researchers in a statement on Thursday. Once launched, the “Ashas” adware family app sent “home” key data about the affected device: device type, OS version, language, number of installed apps, free storage space, battery status, whether the device is rooted and Developer mode enabled, and whether Facebook and FB Messenger are installed.
“The app receives configuration data from the command and control server (C&C) server, needed for displaying ads, and for stealth and resilience,” said security researcher Lukas Stefanko. If users install an adware-infected app, they will witness full-screen ads on their device’s display at semi-random intervals. “If a typical user tries to get rid of the malicious app, chances are that only the shortcut ends up getting removed. The app then continues to run in the background without the user’s knowledge. This stealth technique has been gaining popularity among adware-related threats distributed via Google Play,” the researchers noted.
Besides, earlier this month, Researchers detected around 172 malicious apps on Google Play Store. Moreover, those infected apps were found with over 335 million downloads in September 2019. ESET researcher Lukas Stefanko said that a majority of those malicious apps were harboring adware, Threatpost reports. The malicious category includes the applications that are infected by adware, subscription scams, hidden ads, SMS premium subscription, and more.
– With inputs from IANS