Homepage Avast newsroom

Avast reports HiddenAds adware campaign in 47 apps disguised as games on the Google Play Store

Announcement posted by Avast 26 Jun 2020

Avast warns of intrusive apps and shares tips on how to avoid falling for adware scams

Avast (LSE:AVST), a global leader in digital security and privacy products, has discovered and reported 47 gaming apps to Google. Currently, 17 of the apps are still available on the Google Play Store, but Google’s investigations into the apps are ongoing. The apps, which were available in the Play Store are a part of the HiddenAds family, a Trojan disguised as a safe and useful application but instead serves intrusive ads outside of the app. The apps have been downloaded more than 15 million times in total. 

 

 

Avast researchers were able to make this initial discovery by using apklab.io’s automatic detection software that was based on a previous HiddenAds campaign found in Google Play Store recently. Through this analysis, Avast was able to find the campaign by comparing their similar activities, features and network traffic.

 

 

The apps have the ability to hide their icon on an infected device and display device-wide intrusive ads, which is a key feature of the HiddenAds family. Seven of the apps can open the phone’s browser to display additional ads. Even once the user removes the app from their device, the ads will be continually served. The apps have low ratings where users complain about the incessant ads and the low functionality of the gaming features. 

 

 

“Campaigns like HiddenAds may slip into the Play Store by obfuscating their true purpose or slowly introducing malicious features once already downloaded by users. It’s difficult to prevent adware campaigns since actors use one-off developer accounts for each app. While Google has been a great partner to remove malicious apps, users need to remain vigilant as they download new apps on their devices and check for telltale signs of a bad app such as negative reviews, extensive device permission requests and unknown developers,” said Jakub Vávra, threat analyst at Avast.

 

 

How users can recognise adware apps 

 

Adware is a type of malicious software that bombards a user with excessive ads in and outside of an app. Adware apps are often difficult to recognize, as they are often disguised as entertainment apps like gaming apps, for example. The reviews for these apps will often be extremely negative, citing excessive ads or low functionality of the alleged app features. Typically, developers only have one app available on their developer account, which could clue a user into possibly malicious intentions. By checking the permissions the app requests before installing it and reading user reviews, users should be able to avoid falling victim to downloading adware. 

 

 

Below is a table of the most downloaded apps: 

 

 

App Name and Downloads

Draw Color by Number

1,000,000

Skate Board - New

1,000,000

Find Hidden Differences

1,000,000

Shoot Master

1,000,000

Stacking Guys

1,000,000

Disc Go!

1,000,000

Spot Hidden Differences 

500,000

Dancing Run - Color Ball Run

500,000

Find 5 Differences

500,000

Joy Woodworker

500,000

Throw Master

500,000

Throw into Space

500,000

Divide it - Cut & Slice Game

500,000

Tony Shoot - NEW

500,000

Assassin Legend

500,000

Flip King

500,000

Save Your Boy 

500,000

Assassin Hunter 2020

500,000

Stealing Run

500,000

Fly Skater 2020

500,000