Security Architecture, Endpoint/Device Security, Endpoint/Device Security, Threat Management, Malware, Endpoint/Device Security, Endpoint/Device Security, Endpoint/Device Security

Firm warns of Google Play apps spreading adware

After investigating a user complaint about adware delivered through Google Play apps, security firm Avast confirmed Tuesday that popular games in the app store were, in fact, displaying malicious behavior.

Some of the apps in question were revealed as Durak, a card game with as many as 10 million installs, a (Russian language) IQ test with up to 5 million installs, and a Russian history app game, which has been installed up to 50,000 times by Android users, according to Play store stats.

Aside from the apps causing unwanted ads to be displayed on users' phones, Filip Chytry, an Avast mobile malware analyst wrote in a  Tuesday blog post that, in some cases, the “abnormal behavior” didn't start until 30 days after the apps were installed.

Once the adware issues began to present themselves, users would be inundated with alerts that their device was “infected, out of date or full of porn,” he explained. “This, of course, is a complete lie,” Chytry said, later adding that the scam could potentially provoke victims to download apps from untrusted sources to abate the issue.

“An even bigger surprise was that users were sometimes directed to security apps on Google Play," he revealed. "These security apps are, of course, harmless, but would security providers really want to promote their apps via adware? Even if you install the security apps, the undesirable ads popping up on your phone don‘t stop. This kind of threat can be considered good social engineering,” Chytry wrote.

On Tuesday afternoon, SCMagazine.com reached out to Google regarding the reports. An update will be provided upon response from the company.

UPDATE: In a Tuesday email, a Google spokeswoman told SCMagazine.com that their "teams are investigating" the reported issues, and will provide more information soon. 

UPDATE 2 (5:50pm ET): Google confirmed that it has now suspended the malicious apps detailed by Avast.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.