Dozens of Android adware apps disguised as photo-editing apps and games have been caught serving ads that would take over users’ screens as part of a fraudulent money-making scheme.
Security firm Trend Micro said it found 85 individual apps downloaded more than eight million times from Google Play — all of which have since been removed from the app store.
The researchers discovered that the apps would keep a record when they were installed and sit dormant for around half-an-hour. After the delay, the app would hide its icon and create a shortcut on the user’s home screen, the security firm said. That, they say, helped to protect the app from being deleted if the user decided to drag and drop the shortcut to the “uninstall” section of the screen.
“These ads are shown in full screen,” said Xu. “Users are forced to view the whole duration of the ad before being able to close it or go back to app itself.”
When the app unlocked, it displayed ads on the user’s home screen. The code also checks to make sure it doesn’t show the same ad too frequently, the researchers said.
Worse, the ads can be remotely configured by the fraudster, allowing ads to be displayed more frequently than the default five minute intervals.
Trend Micro provided a list of the apps — including Super Selfie Camera, Cos Camera, Pop Camera and One Stroke Line Puzzle — all of which had a million downloads each.
Users about to install the apps had a dead giveaway: most of the apps had appalling reviews, many of which had as many one-star reviews as they did five-stars, with users complaining about the deluge of pop-up ads.
Google does not typically comment on app removals beyond acknowledging their removal from Google Play.