Cybersecurity researchers have identified several Android apps on the Google Play Store that contain deceptive adware. These apps, disguised as innocent games, messaging platforms, and wallpaper tools, silently serve ads and sign users up for premium services. The apps, associated with malware types such as FakeApp, Joker, and HiddenAds, have been downloaded approximately two million times. While Google has removed the apps from the Play Store, users are advised to manually uninstall them and take additional precautions such as installing antivirus software, limiting the number of apps, checking ratings and reviews, and being cautious with app permissions.
Several Android apps on Google Play, including Super Skibydi Killer, Agent Shooter, Rainbow Stretch, and Rubber Punch 3D, have been identified as adware masquerading as gaming or productivity apps. These apps, which have been removed from Google Play, try to hide from users by using transparent or Chrome-like icons. Additionally, two Joker family apps, Love Emoji Messenger and Beauty Wallpaper HD, were found to subscribe users to paid services. Other fake apps disguised as financial software or games were also discovered. Users who have downloaded any of these apps are advised to uninstall them immediately and perform a device scan using Play Protect and a mobile antivirus tool.
Cybersecurity researchers have discovered several Android apps on Google's Play Store that were pushing ads and secretly subscribing users to premium services. These trojan apps, disguised as games, messengers, and wallpaper apps, were collectively installed around two million times. The apps distributed known malware families, generated profits for developers through ad delivery, and violated Google's policies. While Google has removed the apps from the Play Store, users who have already downloaded them should uninstall them to ensure their safety.
Malicious Android apps disguised as games on Google Play have amassed over 2 million installs, pushing intrusive ads to users while concealing their presence on infected devices. The apps, associated with malware families such as 'FakeApp,' 'Joker,' and 'HiddenAds,' hide by replacing their icons with Google Chrome or using transparent icons. They run in the background, launching ads through the browser to generate revenue for their operators. Some apps also direct users to investment scam sites or violate Google Play policies by loading dubious online casino websites. The apps have been removed, but users who installed them should delete them and perform a device scan using Play Protect and a mobile antivirus tool. To avoid downloading malicious software, minimize app installations, read user reviews, and verify the publisher's trustworthiness.
Over 60,000 Android apps have been found to be spreading adware, posing a risk to users' privacy, battery life, and data usage. The adware apps were discovered by cybersecurity firm Bitdefender, which found that the malware powering these apps has been live since at least October 2022. The campaign has mainly targeted Android smartphone users in the US, but has also been spotted in the UK, Germany, Brazil, and South Korea. Users are tricked into sideloading apps, which are distributed as APK files that need to be side-loaded instead of installed through an official app store. To stay safe, users should avoid sideloading apps and have an Android antivirus app installed on their device.
Over 60,000 Android apps disguised as legitimate applications have been installing adware on mobile devices for the past six months. The malicious apps are not hosted on Google Play but on third-party websites in Google Search that push APKs. The adware is designed to aggressively push ads to Android devices with the purpose of driving revenue, but the threat actors involved can easily switch tactics to redirect users to other types of malware, such as banking Trojans or ransomware. It is advised not to install any Android apps from third-party sites, as they are a common vector for malware.
Over 60,000 adware apps for Android have been discovered masquerading as cracked versions of popular applications, with a majority of detections located in the U.S., South Korea, Brazil, Germany, the U.K., France, Kazakhstan, Romania, and Italy. None of the apps are distributed through the official Google Play Store, and users searching for apps on a search engine are redirected to an ad page hosting the malware. Once installed, the apps have no icons or names to evade detection and serve unwanted ads to users. The adware behavior remains dormant for the first few days, after which it's awakened when the victim unlocks the phone to serve a full-screen ad using Android WebView.
Google has removed 32 malicious extensions from the Chrome Web Store that had a combined user count of 75 million. The extensions were able to hide their hidden code from users by performing their intended functions. The extensions' final payload appears to be adware that spams people with unwanted ads, along with a search results hijacker that displays sponsored links, paid search results, and potentially malicious links. Google said that the reported extensions have now been removed from the Chrome Store.
Google has removed 32 malicious extensions from the Chrome Web Store that had a collective download count of 75 million. The extensions could alter search results and push spam or unwanted ads. Cybersecurity researcher Wladimir Palant discovered that the extensions featured legitimate functionality to keep users unaware of the malicious behavior that came in obfuscated code to deliver the payloads. Avast reported the extensions to Google after confirming their malicious nature, and expanded the list to 32 entries. The extensions were adware that hijacked search results to display sponsored links and paid results, sometimes even serving malicious links.
McAfee researchers have discovered a new adware campaign called "HiddenAds" that has infected around 35 million Android devices worldwide. The malware is part of the same family as the previously identified "Goldoson" virus and serves ads in the background of mobile gaming sessions to generate unlawful revenue for shady companies and individuals. The malicious apps emulate Minecraft and have been downloaded over 10 million times, with three more having over 5 million installs each. Google has removed the apps from the Play Store, but users are advised to delete them from their devices to prevent further damage.
38 Minecraft copycat games on Google Play infected devices with the Android adware 'HiddenAds' to stealthily load ads in the background to generate revenue for its operators. The Minecraft-like games hiding adware were downloaded by roughly 35 million Android users worldwide, mainly from the United States, Canada, South Korea, and Brazil. McAfee's Mobile Research Team discovered the adware set and reported it to Google Play, resulting in the removal of all apps. Android users should check McAfee's report for a complete list of affected apps and manually remove them if they have not been removed already.
