Researchers at the Romanian cybersecurity company, Bitdefender, found 17 Android applications on Google Play displaying ads aggressively on users’ phones, even when the application is not running.
Although not destructive, the tactics they use to infiltrate Google Play and circumvent Google’s inspection system are usually related to the malware that accompanies it.
Application mode – the search for profit from these advertisements – once installed they will hide their presence on the device.
Waiting for 48 hours before hiding their presence on the device, breaking the application code into several resource files, and delaying displaying advertisements for up to four hours after installing the application is one of the tactics that developers use to embed their applications into Google Play.
With a total of more than 550 thousand downloads, the application was found to have escaped Google’s radar inspection system mainly because they also fulfilled their promise.
Google has been notified and the application is reported to be offline.
The description of one of the applications being analyzed lures users with a racing simulator that also offers in-app payments for additional features in the game.
While the game section is functioning properly, this application displays pop-up advertisements when users do not play the game and hide for some time after installation.
Ads are displayed at random time intervals, making it difficult for users to recognize patterns when they are displayed.
Interestingly, the malicious code is in the first component, the second is the actual game code, Bitdefender researchers said in their report, quoted Thursday.
Users see a lot of advertisements either in the game when pressing different buttons or even if not in the application. The frequency at which advertisements appear when in the game depends on random values. In half the cases, it is possible that when using some of the game’s functions, advertisements will appear.
The ad serving mechanism is spread around the application, in a number of activities, and uses a modified adware SDK. The randomness of the ad occurrence and the display time interval are modified by the developer to reduce the possibility of the user noticing any pattern.
In other versions, including versions that at a certain point on Google Play, requests to the advertising website also contain sensitive information about the user, such as phone model, IMEI, IP address, MAC address, and location information.
Here are 17 apps that aggressively display advertisements based on findings of the Bitdefender researchers:
- Car Racing 2019
- 4K. Wallpaper (4K Full HD Background )
- 4K HD Background
- QR Code Reader & Barcode Scanner Pro
- File Manager Pro – SD Card / Explorer Manager
- VMOWO City: 3D Speed Racing
- Barcode Scanner
- Screen Stream Mirroring
- QR Code – Scan & Read a Barcode
- Women’s Period Ovulation Cycle Tracker
- QR & Barcode Scan Reader
- 4K Wallpapers, HD Backgrounds
- Smart Data Transfer
- Explorer File Manager
- Today Weather Radar
- Mobnet. io: Big Fish Frenzy
- Clock LED.
Has your device been previously attacked by malicious malware? Then here is an article that summarizes how to protect malware from your Android devices. You can also check a host of apps you can use to fight this annoying Adware.