Avast Discovers 47 Games on Google Play Contain Adware

Joanna Estrada
June 29, 2020

It's hard to prevent adware campaigns since actors use one-off developer accounts for each app. While 38 malware apps were identified a few days ago on the Play-Store, now 17 such apps have been identified that belong to the Trojan family named HiddenAds. It's hard to prevent adware campaigns since actors use one-off developer accounts for each app. Avast's report stated that these apps were intended as game apps on the Play-Store, but were actually designed for intrusive advertising. These apps have been downloaded more than 15 million times. Upon successful installation, the virus displays disruptive ads even when the app installed is not running. This is very annoying and slows down the device by consuming its active memory, hence endangering its health as well.

As Vávra mentioned in a statement posted on GamesIndustry.biz that it is indeed hard for Google to prevent adware campaigns as there are single developers for each app. "Campaigns like HiddenAds may slip into the Play Store through obfuscating their true goal or slowly introducing malicious features once already downloaded by users", analyst said. Through this analysis, Avast was able to find the campaign by comparing their similar activities, features and network traffic.

Some of the Trojan apps discovered by the Avast team are claimed to even open the browser to display intrusive ads to users. "The user is allowed to play the game for a set period of time, after which the timer triggers the hide icon feature of the app", explained Avast Threat Operations Analyst Jakub Vávra, in a blog post. These apps started showing ads after the icon disappeared.

The firm says the initial detection was made through similarities with a previous HiddenAds campaign that was also present on the Play Store. The reviews for these apps will often be extremely negative, citing excessive ads or low functionality of the alleged app features. Such signs include unknown developers, negative reviews, and extensive permission requests. "While Google has been a great partner to remove malicious apps, users need to remain vigilant". The developers of such apps also have only one app on their accounts, which is another clue that the app has malicious intentions. By checking the permissions the app requests before installing it and reading user reviews, users should be able to avoid falling victim to downloading adware.

Other reports by Click Lancashire

Discuss This Article