Malware apps bypass Google Play security by posing as game cheats & display ads on smartphones every half hour
Fake Android apps that infect users smartphones by posting unwanted ads every 30-40 minutes have been installed more than 200,000 times within a month, according to research from IT security firm ESET.
The apps, which are available on the Google Play store but disguised as cheats for popular games, force ads to appear on a users phone.
ESET found the apps had managed to evade security measures put in place on Android to protect from malicious apps, such as Google Bouncer, and contain a self-preservation code that makes removal difficult.
The fake apps were listed as Cheats for Pou, Guide for SubWay and Cheats for SubWay, but actually contained Android/AdDisplay.Cheastom virus. ESET informed Google, which has now removed the apps, although not before they had been downloaded by more than 200,000 users.
“These aggressive ad-displaying apps attempt to hide their functionality from security researchers by deploying techniques, which succeeded in being downloaded over 200,000 times in a single month,” said ESET malware researcher Lukáš Štefanko.
“The anti-Bouncer technique used by these apps obtains the IP address of a device and accesses its WHOIS record. If the information returned contains the string ‘Google’, then the app assumes it is running in Bouncer.
“Should the app detect an emulator or Google Bouncer environment, the ads are not displayed. Instead, the app will simply provide game cheats, as expected.”