These malicious Android apps were able to crack Google's anti-adware code

(Image credit: Shutterstock.com)

Google has removed a number of malicious Android apps from the Play Store after multiple reports the programs were overloading user devices.

At least 38 Android apps were identified as threats, bombarding users with out-of-context ads and intrusive browser redirects.

The apps were reportedly developed by the same criminal group, which was able to get the services onto the official Play Store by disabling malicious adware functions inside the source code to get around Google's security protections.

Beauty apps

The apps were identified by security firm White Ops, which reported its findings to Google in order to get them removed.

Most were beauty-related or filter packages, including selfie apps or services that promised to add a number of filters over user images. Once downloaded and installed however, the apps bombarded users with intrusive adverts, repeatedly tried to open browsers to redirect to websites, and attempted to avoid being uninstalled by hiding their app icons.

Many of the apps appeared to be modified or amended versions of previous services, which had seen little pick up with users on the Play Store until they had the anti-adware code removed.

Although many were accepted into the Play Store initially, these original apps only normally lasted just over two weeks on the marketplace before being detected and removed by Google. In spite of their short shelf life, White Ops detected that the 17 apps were downloaded over half a million times in total.

In order to try and reinstate their apps, the developers adopted a number of measures to try and trick Google into re-accepting them - which primarily involved removing the malicious code entirely. This would trick the Play Store into clearing the apps, which, once uploaded, would have this code re-added through a data update.

This included using Arabic characters, including verses from the Quran, in place of English in the app source code, disguising malicious features.

All the apps have now been removed, with Google saying it will up scrutiny on suspicious additions such as those mentioned in White Ops' report.

Via ZDNet

TOPICS
Mike Moore
Deputy Editor, TechRadar Pro

Mike Moore is Deputy Editor at TechRadar Pro. He has worked as a B2B and B2C tech journalist for nearly a decade, including at one of the UK's leading national newspapers and fellow Future title ITProPortal, and when he's not keeping track of all the latest enterprise and workplace trends, can most likely be found watching, following or taking part in some kind of sport.

Latest in Security
Image depicting hands typing on a keyboard, with phishing hooks holding files, passwords and credit cards.
Microsoft warns about a new phishing campaign impersonating Booking.com
Data leak
Hacked Tata Technologies data leaked by ransomware gang
A close-up photo of an iPhone, with the App Store icon prominent in the center of the image.
Thousands of iOS apps found to expose user data and leak Stripe keys
China
Chinese hackers targeting Juniper Networks routers, so patch now
Google Chrome dark mode
Google updates Chrome extension rules to ban affiliate link injection without user action or benefit
Abstract image of robots working in an office environment including creating blueprint of robot arm, making a phone call, and typing on a keyboard
This worrying botnet targets unsecure TP-Link routers - thousands of devices already hacked
Latest in News
The Russo brothers posing for a photograph and Herman carrying a Volkswagen camper van in The Electric State
'We're optimists': AI enthusiasts Joe and Anthony Russo defend its use in movies and TV shows, but admit there are 'very real dangers' around its application
UK Prime Minister Sir Kier Starmer
UK PM says AI should soon replace civil servants
Xbox Copilot in Minecraft
Microsoft confirms Copilot can be tested by Xbox Insiders next month and shares new details about how the AI sidekick will enhance the player experience: 'It has to be about gameplay, it has to be personalized to you'
Eight Samsung TVs mounted to the wall showing different basketball games
Samsung is offering you 8 new TVs in one bundle for March Madness, in case you want to watch all games at once like a Bond villain’s lair
Image depicting hands typing on a keyboard, with phishing hooks holding files, passwords and credit cards.
Microsoft warns about a new phishing campaign impersonating Booking.com
The Steam Logo on a mobile phone in front of a wall of games.
Today’s Steam Spring Sale features my absolute favorite game of all time - here's when the sale starts and all the key info