
Malware-Infested Android Apps Infect 8 Million: What to Do


Google has removed dozens of apps from the Google Play store that were found to contain adware and that had been downloaded by users millions of times.

Security firm ESET revealed Thursday (Oct. 24) that Google had removed 42 adware-laced apps that had been downloaded eight million times from Google Play to Android phones and other devices in just the past year. 

Because Android apps are available in several other app stores, however, the offending apps are still downloadable from other marketplaces. If you have any of these apps (there's a list at the end of the ESET report), you should delete them immediately.

Adware is a form of malware that runs on computers or phones and can wreak all kinds of havoc on devices. In its tamest form, adware can simply be an annoyance, showing you spammy ads or displaying hidden ads to generate revenue. In its worst form, adware can drain device batteries, push out links to malicious sites, and otherwise cause big security problems.

According to ESET, the apps in question served full-screen ads that would hijack the user's screen. The adware was also phoning home to its creator with information on the device, its status, and even whether the user had Facebook and Facebook Messenger installed.

ESET shared a screenshot of some of the 42 apps that Google removed after they were discovered to be hosting adware.

According to ESET, they included everything from a SaveInsta app for saving photos on the social network to a Ringtone Maker. Video Download Master was the most popular of the available apps with five million downloads. The developer used several different names. 

Interestingly, many of the available apps earned solid reviews from users. Smart Gallery, for instance, had four-and-a-half stars before it was pulled from Google Play. A basketball game earned five stars.

The app developer clearly knew that the adware was a no-go on Android, according to ESET. Each app would check to see if it was running on a device whose IP address fell within Google's known IP address range. If so, it would not show ads.

The software also used regular delays to display ads after standard checks, and would hide its icon from the list of apps users could remove, so it would stay hidden on the phone.

ESET found the app developer, but didn't name the person in the report. It did find, however, that the person is a student at a university in Vietnam. The developer has also created apps for Apple's iPhone, but none of them uses adware, according to ESET. (Other iOS apps do, however.)