Latest in Gear

Image credit:

'SimBad' Android adware was downloaded nearly 150 million times

Google pulled 210 apps carrying 'SimBad,' many of them games.
Jon Fingas, @jonfingas
March 13, 2019
Share
Tweet
Share

Sponsored Links

Omar Marques/SOPA Images/LightRocket via Getty Images

As much as Google has done to keep malware out of the Play Store, some notable examples still get through. Google has pulled 210 apps from the store after Check Point researchers discovered that they were infected with the same strain of adware. Nicknamed "SimBad" based on the abundance of infected simulator games, the code hid in a bogus ad-serving platform and created a back door that could install rogue apps, direct users to scam websites and show other apps in stores. Check Point believes the apps' developers were tricked into using the platform.

Unfortunately, these weren't just specialty apps with few users. The apps had nearly 150 million downloads, and dozens of them have over 1 million downloads -- the largest (Snow Heavy Excavator Simulator) had over 10 million. The oldest apps were available since March 2017.

We've asked Google for comment. SimBad may have been difficult to stop compared to some malware, since it was piggybacking on otherwise legitimate apps and was focused on serving ads as opposed to stealing data. Even so, this illustrates a familiar problem with the Play Store: Google's current scanning techniques can still miss rogue apps like this, and customers can't always tell that an app is suspicious just by looking at it.

All products recommended by Engadget are selected by our editorial team, independent of our parent company. Some of our stories include affiliate links. If you buy something through one of these links, we may earn an affiliate commission.
Comment
Comments
Share
Tweet
Share

Popular on Engadget

How to watch Biden’s inaugural 'Parade Across America'

How to watch Biden’s inaugural 'Parade Across America'

View
EU fines Valve and major game publishers for geo-blocking titles

EU fines Valve and major game publishers for geo-blocking titles

View
Donald Trump pardons ex-Waymo, Uber engineer Anthony Levandowski

Donald Trump pardons ex-Waymo, Uber engineer Anthony Levandowski

View
Mercedes-Benz' EQA crossover is its first sub-$50,000 EV

Mercedes-Benz' EQA crossover is its first sub-$50,000 EV

View
YouTube extends Trump's suspension ahead of inauguration day

YouTube extends Trump's suspension ahead of inauguration day

View

From around the web

Page 1Page 1ear iconeye iconFill 23text filevr