With 16 infected apps and 20 million downloads, cybercriminals set up a colossal scam system: unsuspecting and innocent users helped scammers make money.
Over 20 million downloads for 16 apps, one of which alone has reached 10,000,000 downloads: these are the numbers of the latest ” cleaning ” of infected Android apps carried out by Google on the Play Store, after a report made by the note McAfee, a cyber security company. The dangerous apps found on the Play Store fell into the category of ” adware, “i.e., software that aims to exploit the infected device to scam international advertising circuits. In this specific case, however, it was the worst type of adware that works in the background without the user noticing.
Infected Apps: The Adware Mechanism
The term ” adware ” comes from ” ads ” and ” software. ” The purpose of adware is to display advertising banners or click on them to receive payment from the advertising circuit. To earn this way, you have to do things big: either thousands of smartphones are used, or the sites where there are banners are opened thousands of times.
The 16 apps that McAfee found managed to do both by generating billions of clicks from 20 million devices. Even challenging to imagine the amount earned, unbeknownst to unsuspecting users, by those who set up this scam system.
Infected Apps: How They Worked
Specifically, the 16 offending apps took control of the smartphone on which they were installed and proceeded to open a browser in the background, i.e., in the background. The user saw nothing while they ” worked in the shadows. “
Websites were opened through the browser, set up only to contain advertising banners, which were clicked directly by the hidden code of the app, which, in practice, was able to simulate the behavior of a real user.
The user could not notice anything because the apps began their scam job only after at least 60 minutes from installation and did it entirely in secret. The damage to the user was limited to excessive battery consumption (the phone never stood still) and phone plan data because the apps worked without a WiFi connection.
Websites were opened through the browser, set up only to contain advertising banners, which were clicked directly by the hidden code of the app, which, in practice, was able to simulate the behavior of a real user.
The user could not notice anything because the apps began their scam job only after at least 60 minutes from installation and did it entirely in secret. The damage to the user was limited to excessive battery consumption (the phone never stood still) and phone plan data because the apps worked without a WiFi connection.
Infected Apps: What Are They
McAfee has released the names of infected apps discovered on the Play Store. There are 16, and among them, there is a bit of everything: the most downloaded is a camera app, but there are also apps for taking notes, QR Code readers, utilities for Instagram and smartphone maintenance, a converter of currency, and much more. Here are the names of the apps discovered:
- High-Speed Camera
- Smart Task Manager
- Flashlight +
- Notepad (Korean app)
- K-Dictionary
- BusanBus
- Flashlight +
- Quick Note
- Currency Converter
- Joycode
- EzDica
- Instagram Profile Downloader
- EZ Notes
- Flashlight (app in Korean)
- Calculator (app in Korean)
- Flashlight + (alternative app)
All of these apps have already been removed from the Play Store by Google after the cybersecurity company reported. In the vast majority of cases, the apps removed from the Play Store for security reasons automatically disappear even from the smartphones on which they have been installed, thanks to the mechanisms of Google Play Protect.
However, a manual check for additional security between the apps on the phone is undoubtedly recommended for anyone who installs many apps and frequently.
Also Read: Introduction To Rest API: What Is It In Simple Words