After numerous reports of phony programs and malware hiding within its ranks, security researchers have discovered another massive trove of adware on the Google Play Store. As our readers probably know, this isn’t the first time bad apps have been found on Google Play, but nobody knows when Google will finally take the hint that something needs to be done!
These programs go to great lengths to conceal suspicious activity and have managed to trick millions into downloading and running them on their devices. Once installed, they go to work to generate fraudulent ad revenue for cybercriminals — turning anyone using these apps into an unwilling accomplice.
Android phones haven’t had the best of luck when it comes to their official app store and there’s no telling when this onslaught of spam and malware will finally come to an end. We have the latest details on these new adware findings, as well as the complete list of affected apps that you should delete from your phone as soon as you can.
Ad click fraud rampant in the Google Play store, yet again
Researchers at security firm Trend Micro recently published a list of applications that, upon scrutiny, were revealed to be nothing more than venues for ad fraud. This isn’t the first time that impostor adware of this sort has been found on the Google Play Store. And judging by the platform’s continued lack of moderation, it likely won’t be the last time.
These apps, which numbered in the millions in terms of active users and installs, mostly took the form of camera and photography applications. What happens below the surface after the apps are installed, however, is quite a bit more sinister.
Several of these apps are timed to delete their app icon after 30 minutes — replacing it with a web browser link that embeds itself into the user’s home screen. This makes uninstalling much more difficult and allows the applications to spam the user with even more ads than normal.
Functionally, most of these ads engage in what is called “click fraud.” This means that they run quietly in the background without you knowing it — serving up advertisements and automatically clicking on them without your consent.
This can help the cybercriminals responsible generate thousands of dollars in fraudulent ad revenue with very little effort, making this scam a particularly lucrative enterprise.
By Trend Micro’s estimates, around 8 million people have inadvertently downloaded and installed these programs, meaning that millions of people and their devices have become unwitting accomplices to fraud without knowing it.
Which apps were affected? How can I protect myself?
Unlike in previous episodes in the seemingly never-ending Google Plus adware story, Trend Micro took the time to publish a complete list of the offending applications. This way, users can search to see if any of the programs in their collection are using their device to farm clicks and ad revenue.
To use the list, just make sure to reference the center column (App Name/Label) when searching your phone for at-risk applications. This will help prevent you from deleting applications that are benign or non-threatening.
If you didn’t download any of the apps on the list or don’t have any of these on your device, you’re probably safe from this scam. For now, until the next list is discovered.
If any of the apps prevent you from deleting them, or you find yourself unable to remove any apps shown on the list, your best bet will then be to restore your phone by navigating to Settings, then Backup & Reset. Just make sure you’ve backed up any personal data like photos or contacts before proceeding with this option.
Not every app on the list is still present in Google Play. The company, when informed of offenders, does usually manage to delete the fraudulent apps without issue. If only they were as on-point about preventing these apps from getting approved in the first place.
Until then, make sure to read the reviews and star rankings carefully before downloading any third-party apps from the Google Play Store. Treading cautiously could be the difference between having fun with an app or being a patsy for ad fraud. I know what I’d rather be doing.