Adware Apps

Researchers discovered around 85 malicious adware apps from Google play store that downloads more than 9 million Android users around the world.

These 85 malicious apps uploaded under various categories on the Google Play store such as game, TV, and remote control simulator apps.

This adware family detect as AndroidOS_HidenAd and apps are capable of performing various malicious activities including displa full-screen ads, hiding itself, monitoring a device’s screen unlocking functionality, and running in the mobile device’s background.

All the apps were uploaded by developers for an only purpose to make illegal money by displaying the various unwanted ads in installed victims mobiles.


A screen capture of some of the adware apps

An App called Easy Universal TV Remote fall under most downloaded app among 85 apps that allow users to control their TV by installing it on their smartphone that already downloaded more than 5 million users.

Adware app that claims to control TV

Adware Apps Infection Behavior

An investigation that conducted on these apps reveals that the apps were uploaded by different developers and its related to different adware families with APK cert public keys and they are using similar ad behavior.

Once it download an installed into the victims mobile, it shows the full screen popup ads.

Trend Micro Researchers said, “Upon closing the first ad, call to action buttons such as “start,” “open app,” or “next,” as well as a banner ad will appear on the mobile device’s screen. Tapping on the call to action button brings up another full-screen ad.”

If users try to close the apps then it popups with more options on the screen to perform actions by creating the curiosity from users to click on it.

Afterwords The fake app keep runs in a device’s background after hiding itself. Though hidden, the adware is configured to show a full-screen ad every 15 or 30 minutes on the user’s device.

Especially some of the apps contains a behavior of monitoring the screen unlocking action and every time it popup the ads screen unlock moment done by user.

All the apps were reported to Google and the apps were removed from Goolge Platstore but developer still earning money from millions of already installed Android Devices.

You can follow us on LinkedinTwitterFacebook for daily Cybersecurity updates also you can take the Master in Wireshark Network Analysis to keep your self-updated.

Also Read:

Beware !! These 22 Malware Apps in Playstore Drained Your Battery & Steal Personal Data – 2M Users Infected

Android Malware in QR Code apps that Downloaded More than 500,000 times from Play Store