More Than 200 Android Apps Infected By SimBad Malware Taken Down From Google Play Store

Check Point, a cyber-security firm, reported that an adware called SimBad infected 206 apps on the Google Play Store, which affects nearly 150 million Android users. A great number of applications on the Google Play Store infected by the adware were shooter or racing games.

SimBad masked itself as a real advertising SDK named “RXDrioder” and it fooled various game developers by making them believe that it can be used to control the way the advertisements were being served. As per the research, the ‘RXDrioder’ makers were reported to make use of the kit of RXDrioder to hide the malware in the applications to avoid suspicion. Then, the adware will be used to show advertisements for private profits. Check Point also claims that SimBad registered itself to the ‘USER_PRESENT’ and ‘BOOT_COMPLETE’, which allows the adware to work even when the device is being used by users.

In addition to showing advertisements, the malware can perform various actions such as removing icons from the launcher, making the uninstalling process more difficult for the users and displaying background advertisements. Also, it can open particular URLs in the web browsers to show as many advertisements as possible. Besides, it can even open paid applications on Google Play Store and 9Apps to earn more profits. CounterPoint stated in the report:

Furthermore, the SimBad’s makers are reported to be able to take control of other applications with the RXDroider SDK, thereby much more threatening developers and users as well. However, the tech giant has removed all affected applications from the Google Play Store when being notified about the adware. This is not the first time that the search engine giant has removed apps from the Google Play Store.