Sunday, April 20, 2025
HomeAdware85 Malicious Android Apps Discovered in Google Play Store that Affected 9...

85 Malicious Android Apps Discovered in Google Play Store that Affected 9 Million Users

Published on

SIEM as a Service

Follow Us on Google News

Researchers discovered around 85 malicious adware apps from Google play store that downloads more than 9 million Android users around the world.

These 85 malicious apps uploaded under various categories on the Google Play store such as game, TV, and remote control simulator apps.

This adware family detect as AndroidOS_HidenAd and apps are capable of performing various malicious activities including displa full-screen ads, hiding itself, monitoring a device’s screen unlocking functionality, and running in the mobile device’s background.

- Advertisement - Google News

All the apps were uploaded by developers for an only purpose to make illegal money by displaying the various unwanted ads in installed victims mobiles.


A screen capture of some of the adware apps

An App called Easy Universal TV Remote fall under most downloaded app among 85 apps that allow users to control their TV by installing it on their smartphone that already downloaded more than 5 million users.

Adware app that claims to control TV

Adware Apps Infection Behavior

An investigation that conducted on these apps reveals that the apps were uploaded by different developers and its related to different adware families with APK cert public keys and they are using similar ad behavior.

Once it download an installed into the victims mobile, it shows the full screen popup ads.

Trend Micro Researchers said, “Upon closing the first ad, call to action buttons such as “start,” “open app,” or “next,” as well as a banner ad will appear on the mobile device’s screen. Tapping on the call to action button brings up another full-screen ad.”

If users try to close the apps then it popups with more options on the screen to perform actions by creating the curiosity from users to click on it.

Afterwords The fake app keep runs in a device’s background after hiding itself. Though hidden, the adware is configured to show a full-screen ad every 15 or 30 minutes on the user’s device.

Especially some of the apps contains a behavior of monitoring the screen unlocking action and every time it popup the ads screen unlock moment done by user.

All the apps were reported to Google and the apps were removed from Goolge Platstore but developer still earning money from millions of already installed Android Devices.

You can follow us on LinkedinTwitterFacebook for daily Cybersecurity updates also you can take the Master in Wireshark Network Analysis to keep your self-updated.

Also Read:

Beware !! These 22 Malware Apps in Playstore Drained Your Battery & Steal Personal Data – 2M Users Infected

Android Malware in QR Code apps that Downloaded More than 500,000 times from Play Store

Balaji
Balaji
BALAJI is an Ex-Security Researcher (Threat Research Labs) at Comodo Cybersecurity. Editor-in-Chief & Co-Founder - Cyber Security News & GBHackers On Security.

Latest articles

10 Best Patch Management Tools 2025

In today's digital landscape, maintaining secure and efficient IT systems is critical for organizations....

10 Best Cloud Security Solutions 2025

In today’s digital era, businesses are increasingly adopting cloud computing to store data, run...

Chinese Hackers Exploit Ivanti Connect Secure Flaw to Gain Unauthorized Access

In a sophisticated cyber-espionage operation, a group known as UNC5221, suspected to have China-nexus,...

New Android SuperCard X Malware Uses NFC-Relay Technique for POS & ATM Transactions

A new malware strain known as SuperCard X has emerged, utilizing an innovative Near-Field...

Resilience at Scale

Why Application Security is Non-Negotiable

The resilience of your digital infrastructure directly impacts your ability to scale. And yet, application security remains a critical weak link for most organizations.

Application Security is no longer just a defensive play—it’s the cornerstone of cyber resilience and sustainable growth. In this webinar, Karthik Krishnamoorthy (CTO of Indusface) and Phani Deepak Akella (VP of Marketing – Indusface), will share how AI-powered application security can help organizations build resilience by

Discussion points


Protecting at internet scale using AI and behavioral-based DDoS & bot mitigation.
Autonomously discovering external assets and remediating vulnerabilities within 72 hours, enabling secure, confident scaling.
Ensuring 100% application availability through platforms architected for failure resilience.
Eliminating silos with real-time correlation between attack surface and active threats for rapid, accurate mitigation

More like this

SpyMax Android Spyware: Full Remote Access to Monitor Any Activity

Threat intelligence experts at Perplexity uncovered an advanced variant of the SpyMax/SpyNote family of...

43% of Top 100 Enterprise Mobile Apps Expose Sensitive Data to Hackers

A comprehensive study by zLabs, the research team at Zimperium, has found that over...

Hackers Imitate Google Chrome Install Page on Google Play to Distribute Android Malware

Cybersecurity experts have unearthed an intricate cyber campaign that leverages deceptive websites posing as...