Two new batches of malicious apps have been found on the Google Play store with one group possibly having been downloaded hundreds of millions of times and the other having the ability to dodge Google vetting system.

Sophos and Bitdefender have each reported the apps they discovered used well-worn tricks, including actually working, in order to trick people into downloading and using the software. This can lead to monetary losses and privacy disclosure.

Bitdefender found 17 malicious apps that deliver adware using several methods to fool Google’s app vetting process to gain a foothold in the Play store. The primary method is that once installed the app hides its icon and goes silent for 48 hours. Its code is also split into two des files, which Bitdefender said makes it hard for security researchers to “grasp the logic of the app.” Another technique is to manipulate the broadcast receiver for android.intent.action.USER_PRESENT to display ads only after 4 hours following installation.

Please register to continue.

Already registered? Log in.

Once you register, you'll receive:

  • News analysis

    The context and insight you need to stay abreast of the most important developments in cybersecurity. CISO and practitioner perspectives; strategy and tactics; solutions and innovation; policy and regulation.

  • Archives

    Unlimited access to nearly 20 years of SC Media industry analysis and news-you-can-use.

  • Daily Newswire

    SC Media’s essential morning briefing for cybersecurity professionals.

  • Learning Express

    One-click access to our extensive program of virtual events, with convenient calendar reminders and ability to earn CISSP credits.