gadget-bridge
HomeOther TechAppsGoogle Play Store removed 85 adware-laden apps from its store

Google Play Store removed 85 adware-laden apps from its store

Popular apps include Super Selfie, Cos Camera, Pop Camera, and One Stroke Line Puzzle.

- Advertisement -

Google has removed 85 problematic apps from its Play Store. This development came immediately after when Trend Micro exposed that these apps were hiding adware inside them. Google was informed that the majority of these apps were camouflaged as photography apps and games and were downloaded more than 8 million times.

As per Ecular Xu, mobile threat response engineer at Trend Micro said, “We found another example of adware’s potential real-life impact on Google Play. Trend Micro detects this as AndroidOS_Hidenad.HRXH. It isn’t your run-of-the-mill adware family: Apart from displaying advertisements that are difficult to close, it employs unique techniques to evade detection through user behavior and time-based triggers.”

- Advertisement -

After downloading the app every time the user unlocks the device the adware will carry out quite a lot of tests before it performs its routines. Firstly it will compare the current time of the device’s system time with the help of timestamp stored as install time. After that, it compares the network time (queried via RESTful API) with the help of timestamp stored as networkInstallTime. With this, the app will be able to verify if it has been installed on the device with the default delay time configured to 30 minutes. The blog post says, “To a certain extent, using network time can evade time-based detection techniques or triggers employed by traditional sandboxes, as the app’s time settings can be configured by simply using networkInstallTime.”

After 30 minutes the app will then hide its icon and create a shortcut on the device’s home screen.  This would prevent the app from being uninstalled by dragging and dropping its icon to the Uninstall section of the screen. In order to avoid this, the app brings into play Java reflection that will allow the apps to inspect or to modify the behavior of the app and encodes the API strings in base64.

- Advertisement -

The app also uses one more Broadcast Receiver to detect if the user has unlocked its device. Once detected it will start displaying advertisements on the screen. Besides this it also tests the last ad shown on the screen so that it does not displays the same advertisements too often

“While the apps do have actual functionalities of the applications they are posing as, these ads are shown in full screen. Users are forced to view the whole duration of the ad before being able to close it or go back to the app itself. Moreover, the frequency of ads being displayed can be remotely configured by the fraudster (the default is five minutes), so it could exacerbate the nuisance for users.”

- Advertisement -

For the latest gadget and tech news, and gadget reviews, follow us on TwitterFacebook and Instagram. For newest tech & gadget videos subscribe to our YouTube Channel. You can also stay up to date using the Gadget Bridge Android App.

- Advertisement -

Support Us

We are a humble media site trying to survive! As you know we are not placing any article, even the feature stories behind any paywall or subscription model. Help us stay afloat, support with whatever you can!

Support us
- Advertisement -
Komila Singh
Komila Singhhttp://www.gadgetbridge.com
Komila is one of the most spirited tech writers at Gadget Bridge. Always up for a new challenge, she is an expert at dissecting technology and getting to its core. She loves to tinker with new mobile phones, tablets and headphones.
- Advertisment -
- Advertisement -

2 COMMENTS

  1. Greetings I am so grateful I found your website,
    I really found you by error, while I was searching on Bing for something else, Anyhow I am here now and would just like to
    say cheers for a incredible post and a all round thrilling blog
    (I also love the theme/design), I don’t have time to go
    through it all at the moment but I have saved it and also added in your RSS feeds, so when I have time I will be back to read much more, Please do keep
    up the great work.

  2. It’s a shame you don’t have a donate button! I’d without a
    doubt donate to this excellent blog! I guess for now i’ll settle for book-marking and adding your RSS feed to my
    Google account. I look forward to brand new updates and will share this blog with my
    Facebook group. Talk soon!

LEAVE A REPLY

Please enter your comment!
Please enter your name here

- Advertisement -
- Advertisement -

Follow Us

- Advertisement -

Must Read

BGMI redeem codes for 23 September 2023, claim and receive rewards and benefits

BGMI redeem codes for 23 September 2023, claim and receive rewards...

0
After being banned for nearly ten months, Battleground Mobile India, aka BGMI, is officially available again in India. BGMI fans are looking for ways...
- Advertisement -
- Advertisement -

You cannot copy content of this page