Announcement posted by Avast 26 Jun 2020
Avast (LSE:AVST), a global leader in digital security and privacy products, has discovered and reported 47 gaming apps to Google. Currently, 17 of the apps are still available on the Google Play Store, but Google’s investigations into the apps are ongoing. The apps, which were available in the Play Store are a part of the HiddenAds family, a Trojan disguised as a safe and useful application but instead serves intrusive ads outside of the app. The apps have been downloaded more than 15 million times in total.
Avast researchers were able to make this initial discovery by using apklab.io’s automatic detection software that was based on a previous HiddenAds campaign found in Google Play Store recently. Through this analysis, Avast was able to find the campaign by comparing their similar activities, features and network traffic.
The apps have the ability to hide their icon on an infected device and display device-wide intrusive ads, which is a key feature of the HiddenAds family. Seven of the apps can open the phone’s browser to display additional ads. Even once the user removes the app from their device, the ads will be continually served. The apps have low ratings where users complain about the incessant ads and the low functionality of the gaming features.
“Campaigns like HiddenAds may slip into the Play Store by obfuscating their true purpose or slowly introducing malicious features once already downloaded by users. It’s difficult to prevent adware campaigns since actors use one-off developer accounts for each app. While Google has been a great partner to remove malicious apps, users need to remain vigilant as they download new apps on their devices and check for telltale signs of a bad app such as negative reviews, extensive device permission requests and unknown developers,” said Jakub Vávra, threat analyst at Avast.
How users can recognise adware apps
Adware is a type of malicious software that bombards a user with excessive ads in and outside of an app. Adware apps are often difficult to recognize, as they are often disguised as entertainment apps like gaming apps, for example. The reviews for these apps will often be extremely negative, citing excessive ads or low functionality of the alleged app features. Typically, developers only have one app available on their developer account, which could clue a user into possibly malicious intentions. By checking the permissions the app requests before installing it and reading user reviews, users should be able to avoid falling victim to downloading adware.
Below is a table of the most downloaded apps:
App Name and Downloads
1,000,000
1,000,000
1,000,000
1,000,000
1,000,000
1,000,000
500,000
500,000
500,000
500,000
500,000
500,000
500,000
500,000
500,000
500,000
500,000
500,000
500,000
500,000