85 apps on Google’s Play Store, posing as photography and gaming apps and downloaded more than 8 million times were found to be serving only advertisements by taking over users’ home screen according to a research by Trend Micro. These apps displayed advertisements that were difficult to close and used “unique techniques to evade detection through user behaviour and time-based triggers,” Ecular Xuo of Trend Micro said. Google removed the apps from the Play Store following these findings.
Ad-frequency on these apps could be controlled remotely: What the research found out
- These apps kept a record of the time at which they were installed, and then every time the device was unlocked, would run several checks to gauge if the app has been installed for at least 30 minutes.
- After the app detected that it was installed for more than 30 minutes, it hid its icon and created a shortcut on the device’s home screen. This way, the app ensured that it couldn’t be uninstalled by being dragged and dropped to the uninstall section.
- After that, the app started displaying advertisements on the device’s home screen. It could also check for the intervals being displaying advertisements and also make sure that it didn’t display the same advertisement frequently. More so problematically, the research also found out that the frequency of showing advertisements could be controlled remotely.
- Unlike some other ad-delivering apps on Android, the research found out that these 85 apps did have actual functionalities. However, they forced users to watch full-screen advertisements for the whole duration before giving the option to close the advertisement.
Here is a list of all these 85 apps.
Apps made specifically to deliver ads run rampant on Play Store
Symantec found 152 fake Android apps masquerading as apps from Reliance Jio in June this year. The firm found out that these apps had 21 different package names and claimed to offer free daily data of 25 GB or 125 GB with a validity ranging from one day to a year. However, it noted that these exuberant claims were made only to generate advertising revenue for developers of these apps.
In February, Google had removed about 57 fake apps from the Play Store after security firm Quick Heal said that the apps did not have any legitimate functionality. Apps such as Credit Card Process and Home Loan Advisor appeared genuine on the basis of their description but did not function the way they were supposed to upon downloading. The security company claimed that the apps were mainly developed to earn money by showing ads.
In January, malware researcher Lukas Stefanko spotted 15 GPS-based apps in the Google Play store which were duping Android users and earning money from them. Some apps including GPS Route Finder, GPS Live Street Maps and Maps GPS Navigation did not provide any service of their own to the users but used Google Maps or its API to display ads. Some of the apps also sought permission to access users’ contacts, messages and call logs.