A high number of downloads in a given application can be a way of certifying its origin. However, this is not the case for two apps downloaded over 1.5 million times on Google Play.
The so-called click fraud present in the “Idea Note: OCR Text Scanner, GTD, Color Notes” and “Beauty Fitness: daily workout, best HIIT coach” tools cause battery drainage, reduced performance and even increases mobile data usage on smartphones already infected.
Discovered by Symantec researchers, the apps placed ads in places that were not visible to users. One was at the bottom of the notification drawer. By clicking on the system message, Android would open the ad without the device owner noticing. The practice took place for almost a year.
“As threat actors drive ghosting clicks and ad revenue, affected devices will suffer from dead batteries, slow performance, and a potential increase in mobile data usage due to frequent visits to ad sites. These apps went unnoticed on the Google Play Store for almost a year, affecting about 1.5 million users before we discovered their sneaky behavior. Applications’ use of Android wrappers and the unusual method of hiding ads adds a level of complexity to security researchers. ”
May Ying Tee and Martin Zhang
According to professionals at the digital security company, another possible way for action would be to change the entire structure and flow of the APK through so-called wrappers. However, malicious apps would have already been removed from the Play Store.
Remember that since last week, Google has spent three days approving apps for your store to better analyze the content that would be available on the platform. The decision would not have pleased new developers.
Did you already know about applications discovered by Symantec? Report to us if you ever felt any difference in your phone with them installed.