Google Play Store has millions of apps and many times large number of frequent submissions allows harmful and malicious apps to infiltrate the Play Store and collect personal data from people’s smartphones and often damage them. 43 harmful apps that were covertly using a phone’s battery were recently removed by Google.
The warning was issued after McAfee’s security team found a collection of 43 apps that might show adverts when the device isn’t in use. Soon after this discovery, Google Play Store became vigilant and removed these dubious apps from its platform since they may drain the battery and utilise mobile data even while the screen is off.
According to McAfee’s Mobile Research Team, the fact that these apps run advertisements even while the device’s screen is off may at first seem convenient to consumers. However, it’s obviously against Google Play Developer’s guidelines for how advertisements should be shown.
The blog post noted, “This affects not only the advertisers who pay for invisible Ads but also the users as it drains the battery, consumes data and poses potential risks such as information leaks and disruption of user profiling caused by Clicker behaviour.”
What’s more worrying is 43 apps that have been downloaded 2.5 million times in total. TV/DMB Players, Music Downloaders, News, and Calendar applications are some of the targeted apps. The ad fraud library said to employ certain strategies to avoid detection and inspection. By intentionally delaying the start of its fraudulent actions, it creates a latent period beginning with installation.
Additionally, all of this library’s complex configurations can be remotely changed and pushed using the Firebase Storage or Messaging services. The challenge of discovering and analysing this fraudulent behaviour is considerably increased by these considerations. Additionally, the latent period often lasts for a few weeks, making it difficult to catch.
It is important to exercise caution when granting permissions, such as deactivating “power saving” and enabling “draw over other apps.” These permissions may allow certain acts to be carried out covertly in the background, raising concerns regarding the motives and actions of the aforementioned libraries or apps. Giving these rights can lead to additional harmful behaviour, including the display of phishing pages and background advertisements.
McAfee’s Mobile Research Team explained that users are unaware that running advertising is present on their devices because the fetching and loading of ads begins when the device screen is switched off after the latent time. By contacting the special domain associated with the application (for example, mppado.oooocooo.com), this ad library registers device information. then use Firebase Storage to obtain the precise ad URL and display the adverts. It is significant to highlight that this procedure uses mobile data and power resources.
Users may catch a peek at the advertisement at this point if they swiftly turn on their devices before it closes on its own.
McAfee informed Google about the exposed apps, and they responded right away. While some apps are updated by the developer, the majority are no longer accessible through Google Play. This threat has been identified by McAfee Mobile Security as Android/Clicker.
Users should exercise caution and carefully consider the necessity of granting permissions like power saving exclusion or drawing over other apps before authorising them.
For the latest gadget and tech news, and gadget reviews, follow us on Twitter, Facebook and Instagram. For newest tech & gadget videos subscribe to our YouTube Channel. You can also stay up to date using the Gadget Bridge Android App. You can find the latest car and bike news here.
