Criminal hackers infiltrated the Google Play Store and Apple App Store with malicious apps. However, this time, the apps running the HiddenAds campaign gained traction via TikTok and Instagram promotions.
HiddenAds Campaign Apps Flooded iOS And Android Play Store
Researchers from Avast have disclosed details about the HiddenAds campaign that executed via
malicious iOS and Android apps. They spotted as much as 7 different applications on both app stores that belonged to the adware campaign.
Describing HiddenAds, the researchers stated in a previous post,
HiddenAds refers to a family of Trojans that disguise as safe and useful applications. But in fact only serve to display intrusive ads to the user. The discovered apps mask as games and have a timer-triggered hide app icon feature alongside the ability to display device-wide ads.
Briefly, the malicious campaign drew Avast’s attention after a Czech student reported them about one such app. The girl noticed the app aggressively promoted via TikTok.
Following her tip, Avast investigated the matter to unveil seven different applications belonging to the same campaign.
Together, these have over 2.4 million downloads. It means the apps potentially preyed on millions of Android and iOS users.
Besides, the apps generated a revenue of around $500,000 for app creators.
The Avast team found at least three profiles that are aggressively pushing the apps on TikTok, one of which has more than 300,000 followers. They also found an Instagram profile with more than 5,000 followers promoting one of the apps.
Regarding the nature of the apps, Jakub Vávra, threat analyst at Avast, said,
The apps we discovered are scams and violate both Google’s and Apple’s app policies by either making misleading claims around app functionalities, or serving ads outside of the app and hiding the original app icon soon after the app is installed.
Be Wary Of Malicious Apps
According to Vávra, the promotion of such apps on social media among the youth is alarming.
It is particularly concerning that the apps are being promoted on social media platforms popular among younger kids, who may not recognize some of the red flags surrounding the apps and therefore may fall for them.
Hence, kids and adults should learn to spot scam apps before falling prey to the scams. Some quick tips include checking customer reviews, checking for unusual paid offers and subscriptions, and the permissions that an app requires on the device.