These malicious Android apps were able to crack Google's anti-adware code

(Image credit: Shutterstock.com)

Google has removed a number of malicious Android apps from the Play Store after multiple reports the programs were overloading user devices.

At least 38 Android apps were identified as threats, bombarding users with out-of-context ads and intrusive browser redirects.

The apps were reportedly developed by the same criminal group, which was able to get the services onto the official Play Store by disabling malicious adware functions inside the source code to get around Google's security protections.

This WhatsApp feature might see your phone number end up in Google search results
Here's our list of the best secure messaging apps on the market
More than one billion Android devices at risk of hacking - here's how to stay safe

Beauty apps

The apps were identified by security firm White Ops, which reported its findings to Google in order to get them removed.

Most were beauty-related or filter packages, including selfie apps or services that promised to add a number of filters over user images. Once downloaded and installed however, the apps bombarded users with intrusive adverts, repeatedly tried to open browsers to redirect to websites, and attempted to avoid being uninstalled by hiding their app icons.

Many of the apps appeared to be modified or amended versions of previous services, which had seen little pick up with users on the Play Store until they had the anti-adware code removed.

Although many were accepted into the Play Store initially, these original apps only normally lasted just over two weeks on the marketplace before being detected and removed by Google. In spite of their short shelf life, White Ops detected that the 17 apps were downloaded over half a million times in total.

In order to try and reinstate their apps, the developers adopted a number of measures to try and trick Google into re-accepting them - which primarily involved removing the malicious code entirely. This would trick the Play Store into clearing the apps, which, once uploaded, would have this code re-added through a data update.

This included using Arabic characters, including verses from the Quran, in place of English in the app source code, disguising malicious features.

All the apps have now been removed, with Google saying it will up scrutiny on suspicious additions such as those mentioned in White Ops' report.

Keep your device safe with the best Android antivirus software of 2020
While an Android VPN can add an extra layer of anonymity on Wi-Fi

Via ZDNet

TOPICS

Mike Moore is Deputy Editor at TechRadar Pro. He has worked as a B2B and B2C tech journalist for nearly a decade, including at one of the UK's leading national newspapers and fellow Future title ITProPortal, and when he's not keeping track of all the latest enterprise and workplace trends, can most likely be found watching, following or taking part in some kind of sport.

More about security

A deepfake image being created on a computer.

Deepfake scam calls are costing British victims hundreds each time - here's how to stay safe

Company that reportedly supplied DOGE and Elon Musk with sleeping solutions found to have huge vulnerability in its...beds??

The Lumix S1R II in the hand / the Sigma BF on a white surface with hard shadow / the Canon PowerShot V1 vlogging compact in the hand

The 6 most exciting cameras and lenses from CP+ 2025: from Sigma’s radical full-frame camera to Sony’s mega zoom lens

See more latest

Beauty apps

Are you a pro? Subscribe to our newsletter

Most Popular