Everybody knows that you have to be careful for malware and adware when installing apps, especially from lesser known sources. Unfortunately, the security firm Avast is now telling us that we are just as vulnerable to these security threats when downloading apps from the Google Play store –even those with millions of downloads. The latest discovery involved a series of advertisements posing as warning messages that were displayed to end users when they unlock their Android devices; the culprit in that case being a card game app called Durak that boasts 5 to 10 million installs to date.
Originally brought to Avast’s attention by way of comments in their user forums, the firm was able to find this same malicious software in over a dozen apps, each with different developers (with more apps being researched and confirmed to be infected as I write this).
The worst part of malware is how clever it can be –many won’t even display ads for days or weeks following installation (in some cases not until you have rebooted your device)… when you consider how many apps and settings you change over that kind of time period, tracking down the source can be very difficult.
Once the ads do display, the warnings are hard to ignore (often scaring you with suggestions that your smartphone is filled with pornography, infected by a virus, or out of date with required security patches). After the warnings is a call to action which tends to result in more malware-infected apps being installed once a user clicks through (and in worse-case scenarios, even sends SMS messages to your contacts trolling for sensitive information and personal data).
In some cases, the adware and malware were providing links back to legitimate apps by trustworthy developers –which likely points to other motivation, such as credit for new user referrals.
It goes without saying that these security threats are a violation of Google’s Terms of Service (and they have suspended apps that are known offenders)… but the fact that they got through to the Play Store in the first place means that you can never really let your guard down.
A video detailing the behaviour, look, and feel of the adware in question is linked below.