Even after plenty of complaints/reports over the last few years, Google hasn't been able to get a grip over the problem of malicious apps slipping into the Play Store.
The company recently removed dozens of malware-laced apps from the marketplace, and now, in a similarly disappointing case, it is being reported that some 17 apps are capable of showing aggressive ads.
Here are those apps (List 1)
First of all, the apps in question include:
1) Car Racing 2019 2) 4K Wallpaper (Background 4K Full HD) 3) Backgrounds 4K HD 4) QR Code Reader & Barcode Scanner Pro 5) File Manager Pro - Manager SD Card/Explorer 6) VMOWO City: Speed Racing 3D 7) Barcode Scanner b) Screen Stream Mirroring 9) QR Code - Scan & Read a Barcode.
Do you know?
Here are those apps (List 2)
10) Period Tracker - Cycle Ovulation Women's 11) QR & Barcode Scan Reader 12) Wallpapers 4K, Backgrounds HD 13) Transfer Data Smart 14) Explorer File Manager 15) Today Weather Radar 16) Mobnet.io: Big Fish Frenzy 17) Clock LED.
Utility apps hiding, displaying intrusive ads
As first reported by Bitdefender, the apps in question look like regular utility programs for file management, QR code scanning, discovering/downloading new wallpapers, or tracking periods.
However, in reality, they affect the user by disappearing from their phones sometime after installation and displaying annoying ads from time to time - a sneaky step often taken by scammers to make quick money from apps.
Plus, they have been downloaded over 550,000 times
As these apps look pretty innocuous, a number of people appear to have fallen for them.
Specifically, all 17 apps have been downloaded more than 550,000 times, which means many users could be suffering from their ability to hide and show ads.
Notably, intrusive ads not just disrupt the experience of using apps but also increase the risk of malware and phishing attacks.
But, how these apps passed Google's vetting system?
The fact that these apps bypassed Google's vetting system and survived long enough on Play Store to rake hundreds of thousands of downloads is a point of concern.
Bitdefender notes the apps achieved this by using specific tricks to make Google think they are legit.
This included tricks like waiting 48 hours before disappearing from targeted phone and showing ads after a 4-hour delay.
Other things also helped fool Google
Among other things, using the right kind of files for the apps, splitting their code into multiple resources as well as displaying ads at random times also helped the developers in tricking Google into thinking that their programs weren't malicious, Bitdefender added.
Now, they are in the process of being removed
Google has not commented on the matter but Bitdefender claims that the activity of the apps in question has been reported to the internet giant and it is now working to take them offline.
Interestingly, several users of the app had claimed in reviews that they contained adware but Google didn't take any action until now.