You might think that the Google Play Store is safe from malicious adware, but that's not always the case. No matter how hard Google tries, it can't manage to keep the adware barbarians from storming its gates.
Bitdefender security researcher Alin Barbatei reported that he found 10 malware-infected apps on Google Play. While most of these apps have been removed from the Google Play store, Barbatei noted that the "What is my ip?" app is still on the Google Play store.
Keep in mind that with about a million apps in the Google Play Store, these 10 malware-infected apps that this researcher found are, more than likely, just the tip of the iceberg. If this malware can slip past Google, then chances are a lot more malware has probably already slipped past Google.
The adware loaded onto the "What is my ip?" app is sneaky. Barbatei explained how it works on Bitdefender's HotForSecurity blog:
Once installed, they create a desktop shortcut named “System Manager.” If someone figures out that one of these apps is responsible for all the browser redirects and scareware messages, he’ll have a hard time finding and uninstalling the app in the Application Manager menu as it hides under the vague new name and not, for instance, “What is my ip?” Less tech-savvy users will be thrown off the scent and the app will remain installed and running indefinitely.
The app is built to exploit people who want to know their IP address and don't have all that much technical know-how. Worst of all, it's almost impossible to detect unless you already suspect that there to be malware on your device.