Saturday, May 3, 2025
HomeAdware17 Malicious Android Apps Discovered in Google Play Store that Infects 550,000...

17 Malicious Android Apps Discovered in Google Play Store that Infects 550,000 Android Devices

Published on

SIEM as a Service

Follow Us on Google News

Researchers discovered 17 malicious Android apps from the Google play store that infects nearly 550,000 Android devices around the world.

These malicious app developers added features to hide their presence on the user’s device, and constantly display aggressive ads once the app gets installed on the victims android devices.

The adware programs will tend to serve unwanted advertisements on your mobile phone and computer. The adware can be included with some apps in a legitimate way to generate revenue.

- Advertisement - Google News

Adware was a trending threat in 2019 and continuously evolving in 2020 especially targeting Android users, and it is a sweet spot for cybercriminals due to the over popularity of Android.

All the 17 nasty apps that discovered in Google play store installed 550,000 times in total, and these are found that it was bypassed the Google play protect and flying under the Google security radar.

Malicious Apps Activities

Researchers analysed one of the apps in the list, a racing simulator that offers in-app payments for extra in-game features.

The app randomly generates popup ads the user is not playing the game and hides for some time following the installation and the ads display pattern is very hard to recognize.

The app comes with the 2 component and the first component has the malicious code and the second component is an actual game.

According to the Bitdefender research, In terms of registered receivers, the first one is for android.intent.action.BOOT_COMPLETED. When the broadcast is received, the app will begin an activity, which starts a job scheduler for showing ads.  The scheduled service starts after 10 minutes and shows an ad only once.

Cybercriminals using modified Adware SDK to the randomness of ad occurrences and display time intervals.

In other versions, including versions that were at some point on Google Play, requests to the ad web sites also contain sensitive information about the user, such as phone model, IMEI, IP address, MAC address, and location information.

Mobile users are strongly recommended to install the security solution on their devices to identify the riskware and malware and other potentially malicious apps as well as phishing or fraudulent websites.

Also, Never download the apps from third-party app stores and research the app before installing it. Here you can find the best Adware Removal Tool to Block Annoying Ads.

You can follow us on LinkedinTwitterFacebook for daily Cybersecurity and hacking news updates

Balaji
Balaji
BALAJI is an Ex-Security Researcher (Threat Research Labs) at Comodo Cybersecurity. Editor-in-Chief & Co-Founder - Cyber Security News & GBHackers On Security.

Latest articles

Hundreds of Fortune 500 Companies Have Unknowingly Employed North Korean IT Operatives

North Korean nationals have successfully infiltrated the employee ranks of major global corporations at...

Stealthy New NodeJS Backdoor Infects Users Through CAPTCHA Verifications

Security researchers have uncovered a sophisticated malware campaign utilizing fake CAPTCHA verification screens to...

State-Sponsored Hacktivism on the Rise, Transforming the Cyber Threat Landscape

Global cybersecurity landscape is undergoing a significant transformation, as state-sponsored hacktivism gains traction amid...

NVIDIA Riva AI Speech Flaw Let Hackers Gain Unauthorized Access to Abuse GPU Resources & API keys

Researchers have uncovered significant security vulnerabilities in NVIDIA Riva, a breakthrough AI speech technology...

Resilience at Scale

Why Application Security is Non-Negotiable

The resilience of your digital infrastructure directly impacts your ability to scale. And yet, application security remains a critical weak link for most organizations.

Application Security is no longer just a defensive play—it’s the cornerstone of cyber resilience and sustainable growth. In this webinar, Karthik Krishnamoorthy (CTO of Indusface) and Phani Deepak Akella (VP of Marketing – Indusface), will share how AI-powered application security can help organizations build resilience by

Discussion points


Protecting at internet scale using AI and behavioral-based DDoS & bot mitigation.
Autonomously discovering external assets and remediating vulnerabilities within 72 hours, enabling secure, confident scaling.
Ensuring 100% application availability through platforms architected for failure resilience.
Eliminating silos with real-time correlation between attack surface and active threats for rapid, accurate mitigation

More like this

GPUAF: Two Methods to Root Qualcomm-Based Android Phones

Security researchers have exposed critical vulnerabilities in Qualcomm GPU drivers, impacting a vast array...

SpyMax Android Spyware: Full Remote Access to Monitor Any Activity

Threat intelligence experts at Perplexity uncovered an advanced variant of the SpyMax/SpyNote family of...

43% of Top 100 Enterprise Mobile Apps Expose Sensitive Data to Hackers

A comprehensive study by zLabs, the research team at Zimperium, has found that over...