08-11-2023 , 02:24 PM
Quote:The Google Play store was infiltrated by 43 Android applications with 2.5 million installs that secretly displayed advertisements while a phone's screen was off, running down a device's battery.
McAfee's Mobile Research Team discovered the malicious Android apps and reported them to Google as they violated Google Play Store's policies. Google subsequently removed the apps from Android's official store.
The applications were mainly media streaming apps and news aggregators, and the target audience was predominately Korean. However, the same deceptive tactics could very easily be applied to other app categories and more diverse user demographics.
While these applications are considered adware, they still pose a risk to users as they open the door to potential user profiling risks, exhaust device battery life, consume significant internet data, and perpetrate fraud against advertisers.
Hiding in Google Play
McAfee's report says the adware was hidden in Google Play apps that impersonated the TV/DMB Player, Music Downloader, News, and Calendar applications.
Once installed on the device, the adware apps wait several weeks before activating their ad-fraud activity to deceive the users and evade detection by Google reviewers.
McAfee says the adware’s configuration can be remotely modified and updated via Firebase Storage or Messaging, so its operators can adjust the period of dormancy and other parameters.
Continue reading here