Categories: AdwareAndroid

85 Malicious Android Apps Discovered in Google Play Store that Affected 9 Million Users

Researchers discovered around 85 malicious adware apps from Google play store that downloads more than 9 million Android users around the world.

These 85 malicious apps uploaded under various categories on the Google Play store such as game, TV, and remote control simulator apps.

This adware family detect as AndroidOS_HidenAd and apps are capable of performing various malicious activities including displa full-screen ads, hiding itself, monitoring a device’s screen unlocking functionality, and running in the mobile device’s background.

All the apps were uploaded by developers for an only purpose to make illegal money by displaying the various unwanted ads in installed victims mobiles.


A screen capture of some of the adware apps

An App called Easy Universal TV Remote fall under most downloaded app among 85 apps that allow users to control their TV by installing it on their smartphone that already downloaded more than 5 million users.

Adware app that claims to control TV

Adware Apps Infection Behavior

An investigation that conducted on these apps reveals that the apps were uploaded by different developers and its related to different adware families with APK cert public keys and they are using similar ad behavior.

Once it download an installed into the victims mobile, it shows the full screen popup ads.

Trend Micro Researchers said, “Upon closing the first ad, call to action buttons such as “start,” “open app,” or “next,” as well as a banner ad will appear on the mobile device’s screen. Tapping on the call to action button brings up another full-screen ad.”

If users try to close the apps then it popups with more options on the screen to perform actions by creating the curiosity from users to click on it.

Afterwords The fake app keep runs in a device’s background after hiding itself. Though hidden, the adware is configured to show a full-screen ad every 15 or 30 minutes on the user’s device.

Especially some of the apps contains a behavior of monitoring the screen unlocking action and every time it popup the ads screen unlock moment done by user.

All the apps were reported to Google and the apps were removed from Goolge Platstore but developer still earning money from millions of already installed Android Devices.

You can follow us on LinkedinTwitterFacebook for daily Cybersecurity updates also you can take the Master in Wireshark Network Analysis to keep your self-updated.

Also Read:

Beware !! These 22 Malware Apps in Playstore Drained Your Battery & Steal Personal Data – 2M Users Infected

Android Malware in QR Code apps that Downloaded More than 500,000 times from Play Store

Balaji

BALAJI is an Ex-Security Researcher (Threat Research Labs) at Comodo Cybersecurity. Editor-in-Chief & Co-Founder - Cyber Security News & GBHackers On Security.

Recent Posts

Gunra Ransomware’s Double‑Extortion Playbook and Global Impact

Gunra Ransomware, has surfaced as a formidable threat in April 2025, targeting Windows systems across…

1 hour ago

Hackers Exploit 21 Apps to Take Full Control of E-Commerce Servers

Cybersecurity firm Sansec has uncovered a sophisticated supply chain attack that has compromised 21 popular…

1 hour ago

Hackers Target HR Departments With Fake Resumes to Spread More_eggs Malware

The financially motivated threat group Venom Spider, also tracked as TA4557, has shifted its focus…

2 hours ago

RomCom RAT Targets UK Organizations Through Compromised Customer Feedback Portals

The Russian-based threat group RomCom, also known as Storm-0978, Tropical Scorpius, and Void Rabisu, has…

2 hours ago

Hackers Use Pahalgam Attack-Themed Decoys to Target Indian Government Officials

The Seqrite Labs APT team has uncovered a sophisticated cyber campaign by the Pakistan-linked Transparent…

2 hours ago

LUMMAC.V2 Stealer Uses ClickFix Technique to Deceive Users into Executing Malicious Commands

The LUMMAC.V2 infostealer malware, also known as Lumma or Lummastealer, has emerged as a significant…

2 hours ago