Home Hacking News Over 100 Apps Linked To An Adware Campaign Removed From Google Play Store

Over 100 Apps Linked To An Adware Campaign Removed From Google Play Store

by Abeerah Hashim
Android March 2023 update

Once again, Android users may have fallen prey to a malware campaign via malicious apps. As discovered recently by the researchers, nearly 200 apps tricked users as part of a massive adware campaign. Of these, more than 100 apps with millions of installs flooded Google Play Store.

Adware Campaign App Flooded Google Play Store

Researchers from Trend Micro have discovered a massive adware campaign designed to trap Android users. The campaign involved nearly 200 apps targeting Android OS, of which a major chunk flooded Google Play Store. The researchers have shared their findings in a blog post.

As revealed, researchers caught active adware AndroidOS_HiddenAd.HRXAA and AndroidOS_HiddenAd.GCLA hidden in numerous apps targeting Android users. These apps predominantly included camera and game applications available for free download.

The researchers specifically identified 182 apps taking part in this campaign. Of these, around 111 were available on the Google Play Store, whereas the remaining existed on third-party stores for Android, such as 9Apps and PP Assistant. Among the 111, 43 apps appeared unique, whereas all others seemed mere duplications of these.

Regarding the adware, the researchers found it a robust one which had the capability to hide the app’s icons. Thus, throwing full-screen ads to users with virtually no option left to go back. The adware also had the power to evade sandbox detection.

Although, the apps appeared to be from different developers, the researchers could identify their linkage to the same adware campaign due to their shared code structures and similar behavior.

Following the installation on a victim’s device, the app icons would disappear after running for a brief period. Thus, it used to become difficult for users to locate and uninstall the app. The adware would display full-screen apps every time the user unlocked the infected device. The ad would then continue to display for a specified time with no option to exit. The close button would appear only after the completion of the specified period.

During the entire time of their installation, the apps continued to consume the device’s memory and battery.

Google Removed The Malicious Apps

The apps constituting this adware campaign looked really popular among the users considering their downloads. In all, they had 9,349,000 downloads.

Fortunately, by the time the researchers analyzed the campaign, Google removed the majority of these apps. Whereas, until the public disclosure of the matter, Google removed the remaining eight apps as well. Some of these apps included the following.

adware campaign Android apps

Source: Trend Micro

While the apps have been removed, the risk for the emergence of another similar campaign isn’t over. Therefore, users must remain cautious while downloading apps from untrusted sources.

Let us know your thoughts in the comments.

You may also like