in

These Android Apps Bring a Lot of Adware To Your Device.

Android
Share this article

New reports from ESET indicates that various Android users have downloaded 42 different adware-filled Android apps more than eight million times in total. So, just in case, here’s what’s going on—and a list of all 42 apps you should remove from your phone if you were suckered into installing one.

According to ESET, these apps—a subset of which had been active on the Google Play Store since July of 2018—all appeared to be normal apps at first glance.

These apps might have basic functionality, but they all start communicating back to a command-and-control server when you run them, which configures the apps’ attack patterns to fit match your device (and other apps you have installed on it, like Facebook Messenger). Once they have their marching orders, the apps employ a number of creative techniques to stick themselves on your device and serve up annoying full-screen advertisements. As ESET describes:

First, the malicious app tries to determine whether it is being tested by the Google Play security mechanism. For this purpose, the app receives from the C&C server the isGoogleIp flag, which indicates whether the IP address of the affected device falls within the range of known IP addresses for Google servers. If the server returns this flag as positive, the app will not trigger the adware payload.

Second, the app can set a custom delay between displaying ads. The samples we have seen had their configuration set to delay displaying the first ad by 24 minutes after the device unlocks. This delay means that a typical testing procedure, which takes less than 10 minutes, will not detect any unwanted behavior. Also, the longer the delay, the lower the risk of the user associating the unwanted ads with a particular app.

Third, based on the server response, the app can also hide its icon and create a shortcut instead. If a typical user tries to get rid of the malicious app, chances are that only the shortcut ends up getting removed. The app then continues to run in the background without the user’s knowledge. This stealth technique has been gaining popularity among adware-related threats distributed via Google Play.

Yuck.

If you have any of the following apps installed on your device, you’ll want to hit up Settings > Apps & notifications > See all [#] apps, tap on the offending apps in question, and uninstall them from your device. (Depending on your Android device, your path to getting to this screen might vary.) Don’t just uninstall the apps from your launcher (Home screen) by dragging them, as you might only remove a shortcut to the said app (if you aren’t paying attention).

adware apps

Thankfully, while the aforementioned adware is annoying, it’s unlikely to harm your device beyond wasting your battery and potentially sending data about you to something, or someone, you don’t know anything about (Scary). These apps won’t steal your passwords, but they will piss you off—and for that, they don’t deserve space on your phone. Google has also removed them from the Play Store, but that doesn’t mean an automatic deletion from your phone.

As always, the best way to avoid apps like these is to first consider whether you truly need the app in question. Is there a better alternative? More importantly, is there an alternative that’s already been downloaded by a ton of people, vetted by third-party sources, or has a long history of great reviews? Shoot for those apps instead of these weirdly named one-offs with suspect descriptions and reviews, and odds are good you’ll avoid most adware on your device.

Source: LifeHacker

Also, read about malicious android apps you should avoid having on your phone.

What do you think?

Comments

Leave a Reply

Your email address will not be published. Required fields are marked *

Loading…

0

Comments

0 comments

Netflix

Netflix Might Be Coming For You.

comac

This Chinese Aviation Company Could Spell The End For Boeing.