Google Lets Million Of People Download Malware-Laden Apps

It has been a monthly occurrence that Google let Android apps filled with malware slip out of their hands and get the devices of millions of people. Recently, the search giant purged 25 of such apps from its store. Symantec found out that these apps share the same code structure, meaning they could have come from the same developer. These apps cover lots of aspects, from fashion to photo, and they been downloaded over 2.1 million times.

After users install one of the apps, its icon will be hidden and an ad will be displayed in full-screen mode. The ads do not tell users from which app they come from and they can show up even when the malicious app has been closed so that users have no idea which app is the source. According to Symantec, what these bad actors are after is money gained from displaying ads.

With the similarities between the apps, we have reasons to believe that they all come from just one organization. The way these apps are published can also trick users into downloading them. Each app will have two versions, one is malware-free and the other is laden with adware. The benign version might be ranked top but when users search for its name, they have a 50-50 chance of getting the malware version.

This latest wave of malicious apps is different from the last one in the way that their icons will be hidden. There is a remote switch in the configuration files, so when Google conducts security test, they cannot find any problem in the code.

Security companies like Symantec usually find malware-laden apps on Google’s Play Store, which makes people question the proactiveness of the company in protecting its users. Google may have an effective measure but somehow these apps still find a way to fall through the cracks.