According to research done by the antivirus firm Avast no less than 17 apps on Google Play are a part of a Trojan clan called HiddenAds. The company has revealed that its researchers have found out that these apps have intrusive ads as well as stealth features that can disguise one as safe and useful applications.
Avast has discovered a large campaign of HiddenAds on the Google Play Store. As per the company, these HiddenAds refer to a family of Trojans that are masked as safe and useful but in fact, only serve to display intrusive ads to the user. The discovered apps mask as games and have a timer-triggered hide app icon feature alongside the ability to display device-wide ads. The antivirus firm also has 15 million combined downloads on the Play Store.
The firm says the initial detection was made through similarities with a previous HiddenAds campaign that was also present on the Play Store. On further findings and analysis of the app via apklab.io the firm was able to detect an extensive operation of 47 apps through shared activities, features, and network traffic.
Based on the user’s experience and reviews on the Play store these apps were troublemaking. This combined with the apps’ ability to hide their icon and display ads outside the app confirmed that they are part of the HiddenAds family. These apps are referred to as an adware which is a type of malware that attacks the user with intrusive and consistent ads and can even steal your personal information, track you online and more.
The team of Avast researchers explains that the most prominent feature to identify these apps is that all the applications comes in the form of a mobile game. It has been identified that all the games are generally an older version of the game that comes with added layers of ads and the hide icon ability. Once the user downloads the app, a timer starts within the app. However, the user is allowed to play the game for a set period of time, after which the timer activates the hide icon feature of the app.
“Once the icon is hidden, the app starts to display ads throughout the device without needing further actions from the user. The apps have the ability to draw over other apps to display timed ads that cannot be skipped. Several apps even open the browser to display intrusive ads,” the firmware explained. Due to the hidden icon, the user may be unsure about the origin of the ads. Although the app can still be uninstalled using the app manager features on the phone the users are required to search the source of the ads. Also, another common characteristic of these apps is that the developer only has a single app on their developer profile with a generic email address. In the same way, the Terms of Service are also the same across the exposed apps, likely pointing to an organized campaign by one actor.
According to Avast the apps already have more than 15 million downloads and the reports suggest that the mainly targeted users are basically from India and South East Asia and are spreading through game ads focused in these regions.
To help you out avoid downloading malicious apps in the Google Play Store, follow the below-mentioned steps:
- Carefully check the permissions the app requests before installing it. See what the app is asking to access, if the app is asking for data it does not need, it might be a red flag.
- Read the user reviews. If there are a large number of negative reviews, you might want to reconsider downloading the app.
- Download an antivirus app on your mobile device like Avast Mobile Security so that adware and other malicious apps are identified and blocked.
For the latest gadget and tech news, and gadget reviews, follow us on Twitter, Facebook and Instagram. For newest tech & gadget videos subscribe to our YouTube Channel. You can also stay up to date with the Gadget Bridge Android App.