A new type of malware has apparently hit a number of popular applications on Google Play, which means it could have infected millions of Android users.
After receiving a tip regarding the malware, antivirus firm Avast looked into the matter and has indeed found an exploit in several popular apps.
"A couple of days ago, a user posted a comment on our forum regarding apps harboring adware that can be found on Google Play. This didn't seem like anything spectacular at the beginning, but once I took a closer look it turned out that this malware was a bit bigger than I initially thought," Avast's Filip Chytry reported on Tuesday, Feb. 3. "First of all, the apps are on Google Play, meaning that they have a huge target audience - in English speaking and other language regions as well. Second, the apps were already downloaded by millions of users and third, I was surprised that the adware lead to some legitimate companies."
Among the applications infected by this malware, card game Durak seems to be the most widespread one. According to Google Play's own stats, Durak has seen about 5 - 10 million downloads and installations. Avast notes that nothing suspicious is apparent upon installing the application, and the phone's behavior may seem normal for as long as 30 days despite the malware. Other apps such as IQ test and a history apps are in the same situation.
"This impression remains until you reboot your device and wait for a couple of days. After a week, you might start to feel there is something wrong with your device. Some of the apps wait up to 30 days until they show their true colors. After 30 days, I guess not many people would know which app is causing abnormal behavior on their phone, right?"
Ultimately, users will see an ad each time they unlock their device, warning them about a problem. According to Avast, such warnings may notify users that their device is infected, out of date, or full of porn, which is not true.
"You are then asked to take action, however, if you approve you get re-directed to harmful threats on fake pages, like dubious app stores and apps that attempt to send premium SMS behind your back or to apps that simply collect too much of your data for comfort while offering you no additional value."
Google has reportedly suspended all of the apps listed in Avast's report, but there may be other infected apps on Google Play. To minimize the risk of infecting your smartphone with malware, make sure to install apps only from trusted sources.