Latest in Gear

Image credit: Symantec

Sneaky tactics lead to millions of malware-laden Android app downloads

The apps used a new workaround to skirt Google’s security testing.
Marc DeAngelis
09.26.19 in Mobile
233 Shares
Share
Tweet
Share
Save

Sponsored Links

Symantec

Reports of malware-laden Android apps with millions of downloads are becoming a monthly occurrence. Google recently removed 25 more apps from the Play Store after Symantec discovered that they shared similar malicious code structure. These apps, which seemed like benign photo and fashion apps, were downloaded by users over 2.1 million times.

Once a user downloads the app, the executed code hides its icon and displays full-screen ads (which is similar to an issue discovered last month). The ads do not indicate which app is triggering them, and they're displayed even when the malicious app is closed, so users have no way of knowing which one to delete. Symantec cites monetary gain from ad revenue as the likely motivation behind the malware tactics.

Given the similarity between the apps, Symantec believes that they may have been created by one organization. The app listings on the Play Store are also pretty sneaky: the organization publishes two versions of the same app, one being a benign version and another being the malware version. The unaffected version may rank in top charts or the trending category, but when users manually search for the app, they have a 50-50 chance of downloading the ad-triggering variant.

Where this wave differs from previous batches of malware is in how the app icons are hidden. The programming that conceals the apps isn't hard-coded. Instead, a remote switch is built into the configuration files, which means that Google's security testing doesn't catch that aspect of the code.

Symantec and other security firms are frequently discovering new malware practices on the Play Store, which raises the question of how proactive Google is being. It could very well be the case that Google has effective security practices in place, but apps like these keep falling through the cracks. Even if that is the case, additional measures are needed to better protect Android users from malware and adware.

All products recommended by Engadget are selected by our editorial team, independent of our parent company. Some of our stories include affiliate links. If you buy something through one of these links, we may earn an affiliate commission.
Comment
Comments
Share
233 Shares
Share
Tweet
Share
Save

Popular on Engadget

Xbox One test offers 'surprise' suggestions for what to play

Xbox One test offers 'surprise' suggestions for what to play

View
Facebook lets you get rid of those annoying notification dots

Facebook lets you get rid of those annoying notification dots

View
The next iPad Pro may arrive in early 2020 with 3D sensors

The next iPad Pro may arrive in early 2020 with 3D sensors

View
Nike's FlyEase technology hits the field with Seahawks LB Shaquem Griffin

Nike's FlyEase technology hits the field with Seahawks LB Shaquem Griffin

View
Chrome may shame slow-loading sites with 'speed badging'

Chrome may shame slow-loading sites with 'speed badging'

View

From around the web

Page 1Page 1ear iconeye iconFill 23text filevr