Friday, May 16, 2025
HomeAdware50 Malicious Android Apps Bypassed Google Play Protection and Infected 30 Million...

50 Malicious Android Apps Bypassed Google Play Protection and Infected 30 Million Android Users

Published on

SIEM as a Service

Follow Us on Google News

More than 50 malicious apps with more than 30 Million installations found on Google play, that display annoying ads and in some cases, it convinces the user to install other apps.

According to Avast, all the malicious apps are linked together using the third party Android libraries to bypasses background restrictions with the newer versions of Android.

These libraries referred to as “TsSdk” and it displays the more and more annoying ads which are against Play Store policy.

- Advertisement - Google News

Avast research found that the malicious apps were installed more than 30 million times from Google Play before it was removed.

50 Malicious Apps on Google Play

Two versions of adware spotted, the version A installed more than 3.6 million times. The adware included in following apps simple games, fitness, and photo editing apps.

These apps found mostly installed in India, Indonesia, Philippines, Pakistan, Bangladesh, and Nepal.

“Version A is not very well obfuscated and the adware SDK is easy to spot in the code. It is also the less prevalent of the two versions. Some variants of version A also contain code that downloads further applications, prompting the user to install them, ” reads Avast blog post.

version B of TsSdk installed nearly 28 million times, the adware includes fitness and music apps. These apps often downloaded in Philippines, India, Indonesia, Malaysia, Brazil, Nepal, and Great Britain.

Once installed it shows ads within the first hour of the installation and then at frequent intervals. For the first four hours, it shows full-screen ads and then randomly like 15 minutes, 30 minutes and 45 minutes once.

Version B doesn’t seem to work on Android version 8.0(Oreo), due to recent changes in background service management. Full list of the malicious app can be found here.

Common Defences and Mitigations

  • Give careful consideration to the permission asked for by applications.
  • Download applications from trusted sources.
  • Stay up with the latest version.
  • Encrypt your devices.
  • Make frequent backups of important data.
  • Install anti-malware on their devices.
  • Stay strict with CIA Cycle.

You can follow us on LinkedinTwitterFacebook for daily Cybersecurity updates also you can take the Best Cybersecurity courses online to keep your self-updated.

Also Read:

Hackers Deliver Banking Malware Through Password Protected ZIP File

Organized Cybercrime – Hacker Groups Work Together To Distribute Banking Malware Globally

Fileless Banking Malware Steals User Credentials, Outlook Contacts, and Installs Hacking Tool

Gurubaran
Gurubaran
Gurubaran is a co-founder of Cyber Security News and GBHackers On Security. He has 10+ years of experience as a Security Consultant, Editor, and Analyst in cybersecurity, technology, and communications.

Latest articles

Windows 10 KB5058379 Update Causes PCs to Enter Recovery Mode and Prompt for BitLocker Key

Security update KB5058379 for Windows 10, released in May 2025, is causing significant technical...

Cybercriminal Andrei Tarasov Escapes US Extradition, Returns to Russia

Andrei Vladimirovich Tarasov, a 33-year-old Russian cybercrime figure known online as "Aels," has returned...

FBI Alerts Public to Malicious Campaign Impersonating US Government Officials

Federal Bureau of Investigation has issued a warning about an ongoing malicious messaging campaign...

Frigidstealer Malware Targets macOS Users to Harvest Login Credentials

An macOS users, a new information-stealing malware dubbed FrigidStealer has emerged as a formidable...

Resilience at Scale

Why Application Security is Non-Negotiable

The resilience of your digital infrastructure directly impacts your ability to scale. And yet, application security remains a critical weak link for most organizations.

Application Security is no longer just a defensive play—it’s the cornerstone of cyber resilience and sustainable growth. In this webinar, Karthik Krishnamoorthy (CTO of Indusface) and Phani Deepak Akella (VP of Marketing – Indusface), will share how AI-powered application security can help organizations build resilience by

Discussion points


Protecting at internet scale using AI and behavioral-based DDoS & bot mitigation.
Autonomously discovering external assets and remediating vulnerabilities within 72 hours, enabling secure, confident scaling.
Ensuring 100% application availability through platforms architected for failure resilience.
Eliminating silos with real-time correlation between attack surface and active threats for rapid, accurate mitigation

More like this

Windows 10 KB5058379 Update Causes PCs to Enter Recovery Mode and Prompt for BitLocker Key

Security update KB5058379 for Windows 10, released in May 2025, is causing significant technical...

Cybercriminal Andrei Tarasov Escapes US Extradition, Returns to Russia

Andrei Vladimirovich Tarasov, a 33-year-old Russian cybercrime figure known online as "Aels," has returned...

FBI Alerts Public to Malicious Campaign Impersonating US Government Officials

Federal Bureau of Investigation has issued a warning about an ongoing malicious messaging campaign...