Google has pulled 85 malicious Android app from its Google Play store. Trend Micro researchers found dozens of these propaganda apps disguised as photo editing and gaming applications.
These apps removed by the company show full-screen, non-skippable ads as part of a money-making scheme. Advertising programs named AndroidOS_Hidenad.HRXH have been integrated into photography and gaming applications.
The apps took advantage of common Android functions to discover when the user unlocks the phone. This resulted in heavily repetitive ads and was difficult to skip.
The researchers found that 85 of these applications keep a record when installed and remain dormant for about half an hour. They then hide their icons on the home screen with a short replacement, which prevents the user from deleting the app. The application remains on the phone in confidence without the user’s knowledge to generate advertising revenue.
Applications use unique techniques to avoid detection through user behavior. It also includes code that verifies that it doesn’t show the ad itself too frequently. These advertising programs typically affect phones running older versions of Android.Android 8.0 and later include a function that requires user confirmation before allowing an app to create a shortcut, alerting the user to hidden app activity.
The security company has provided a list of applications including Super Selfie Camera, Cos Camera, Pop Camera, One Stroke Line Puzzle and others, each of which has one million installs.
Source : Trend Micro