An antivirus team has identified a new batch of malicious Android apps that contain adware and malware, which were available on the Google Play Store.
On Tuesday, the Dr. Web antivirus team released a report revealing a list of malicious Android apps that had adware and malware in them. These Android apps were available on the Google Play Store and have concerningly been downloaded almost 100 million times on mobile devices.
According to Bleeping Computer, the malicious Android apps posed as either image-editing tools or virtual keyboards, system optimizers or wallpaper changers, and others. But the main function of these malware and adware-ridden Android apps was to "push intrusive ads, subscribe users to premium services, and steal victims' social media accounts."
While Google has removed a number of the Android apps from the Play Store, some applications remain available for download. Those who have downloaded and installed the malicious Google Play Store apps with malware and adware are advised to uninstall them manually and run an AV scan to ensure any remnants of the applications are completely removed.
Intrusive Malware and Adware Found in a Number of Android Apps on the Google Play Store
The Dr. Web antivirus team revealed that the questionable adware apps they discovered were in fact modifications of existing families that were first made available on the Google Play Store in May 2022. When installed, these malicious Android apps request permission from the user to overlay windows over an app and even add them to the battery saver's exclusion list to enable them to freely run in the background when the user closes the app.
Moreover, these malicious Android apps hide their icons from the app drawer or show a symbol that resembles a core system component, like "SIM Toolkit" to fool users. Some of the malicious Google Play Store apps have been downloaded millions of times despite having very low scores and numerous negative reviews.
Google Attempts to Combat Malicious Apps Riddled with Malware and Adware
Users' common assumption is that an app is safe to use because it is hosted on the Google Play Store, which upholds transparency by showing key information like the number of downloads, user reviews, app permissions, last update, and more. Recently, Google removed app permissions from the Play Store and replaced it with a Data Safety section.
The decision appears to have been reversed however. According to Make Use Of, Google said it would roll out a Data Safety section that would replace app permissions in May 2021. This came to fruition this month.
Now, Google Play Store app pages show a Data Safety section that shows the data the app collects and how it will be used. Viewers criticized the new feature and questioned why Data Safety replaced app permissions after the Data Safety information for some major apps were not updated.
This forced Google to reinstate app permissions, with the Data Safety feature working in tandem with it. Now, users can better combat Android apps with malware and adware, such as the Joker apps that incur fraudulent charges on users' mobile numbers by subscribing them to premium services and image editing apps that perform malicious actions in the background.
Here is a full list of the Android apps that were found to have malware and adware.