Researchers at the ESET security company have discovered an adware campaign (program that automatically shows unwanted or misleading advertising) that ran for about a year with 42 applications involved. These had more than 8 million downloads until they were removed from the Google Play platform.
"We identified 42 applications on Google Play as belonging to the campaign, which had been running since July 2018. Of these, 21 were still available at the time of the discovery," Lukas Stefanko, an ESET researcher said in a statement.
Stefanko says that although Google’s security team quickly removed the applications, they are still available in third-party stores.RELATED
In addition to functioning as 'malware' (harmful type of 'software' usually intended to access a device without the user's knowledge), the applications provide the promised functionality such as FM Radio, video downloader or games. The operation of this 'malware' is to show full screen ads at semi-random intervals, and in the background, send data from the user's device.
ESET also warns that applications that contain this hidden 'malware' should be considered unreliable.
Damage that could be caused by 'malware': Annoying users with intrusive ads can also be fraudulent Wasting device battery resources Generating more network traffic Collecting personal information from users Hiding their presence on the affected device to achieve persistence Generating revenue for your operator without user interaction
The security company was able to track the 'malware' to the creator, a Vietnamese university student, who by not hiding his identity, the researchers were able to find his personal accounts on Facebook, GitHub and YouTube.