Android malware found in apps with millions of downloads

A new form of adware was found in the Google Play store after a user flagged up the bug, said anti-virus company.

Security firm Avast said that the applications appeared to contain hidden code that made ads, disguised as warning messages, pop up to users when they unlocked their smartphones.

According to media reports, Google blocked access to some of the apps but only after they were installed by millions of people on phones and tables.

A card game app called Durak, for example, had up to 10 million downloads, based on figures from Google Play’s own counter.

The issue was initially investigated by a user who later took to Avast’s forum to share his findings. The pop-up ads told him his phone was running “slow” and that he needed to install new software to fix the glitch. If he followed the on-screen messages he was then sent to download other apps, of which not all were legitimate.

“This didn’t seem like anything spectacular at the beginning, but once I took a closer look it turned out that this malware was a bit bigger than I initially thought,” wrote Filip Chytry, malware analyst at Avast, in a blog post.

“You get re-directed to harmful threats on fake pages, like dubious app stores and apps that attempt to send premium SMS behind your back or to apps that simply collect too much of your data for comfort while offering you no additional value,” he said.

A spokesman for Google told the BBC that they were just confirming that all the apps in the report have been suspended “and nothing more”.

Other affected apps include an IQ test app, which had between one and five million installs, and a Russian history app, which has been downloaded between 10,000 and 50,000 times.

Recent articles

Info Message

Our sites use cookies to support some functionality, and to collect anonymous user data.

Learn more about IET cookies and how to control them