Click-fraud apps drove a 100 percent year-over-year increase in the amount of malware installed from Google Play in 2018.
Two Android apps available in the Google Play Store, which had racked up over 1.5 million downloads between them, used a new trick to secretly click on ads without the knowledge of smartphone users.
According to researchers at security company Symantec, the two apps were in the Play Store for almost a year before being discovered. After Symantec told Google about the behaviour of the apps, they were removed from the app store.
The two apps, a notepad app called ‘Idea Note: OCR Text Scanner, GTD, Color Notes’ and a fitness app called ‘Beauty Fitness: daily workout, best HIIT coach’, were packed using legitimate packers originally developed to protect the intellectual property of Android applications, Symantec said. Because these packers can change the flow of an Android Package Kit (APK), they make it more difficult for researchers to understand the app’s inner workings.
The apps also use a sneaky way to display ads while keeping them hidden from the user: the adverts are placed outside the device’s viewable screen area, which means the user simply can’t see them.
“Using this tactic allows advertisements, and any other potentially malicious content, to be displayed freely. The app can then initiate an automated ad-clicking process that produces ad revenue,” Symantec said. But as the app generates these ‘ghost’…
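A defender-side check for the behaviour described above, as an added example that is not from Symantec or the original article: it flags ad events whose view lies outside the viewable screen area and clicks that follow no recent user touch. The telemetry format, app names and thresholds are constructed assumptions.

```python
import json

# Constructed ad-event telemetry (hypothetical format, not from any real SDK):
# view rectangle [left, top, right, bottom] in pixels, screen [width, height],
# event type, and milliseconds since the last real user touch (null = none seen).
SAMPLE_EVENTS = """\
{"app": "one.example", "ad": "a1", "event": "impression", "view": [0, 1500, 1080, 1700], "screen": [1080, 1920], "ms_since_touch": 400}
{"app": "one.example", "ad": "a1", "event": "click", "view": [0, 1500, 1080, 1700], "screen": [1080, 1920], "ms_since_touch": 35}
{"app": "two.example", "ad": "b7", "event": "impression", "view": [1080, 1920, 2160, 2120], "screen": [1080, 1920], "ms_since_touch": null}
{"app": "two.example", "ad": "b7", "event": "click", "view": [1080, 1920, 2160, 2120], "screen": [1080, 1920], "ms_since_touch": null}
{"app": "two.example", "ad": "b8", "event": "click", "view": [-600, 100, 60, 300], "screen": [1080, 1920], "ms_since_touch": 90000}
"""

TOUCH_WINDOW_MS = 1000   # assumed: a genuine click follows a touch within 1 s
MIN_VISIBLE = 0.5        # assumed viewability threshold (fraction of ad area)


def visible_fraction(view, screen):
    """Fraction of the view rectangle that lies inside the screen rectangle."""
    left, top, right, bottom = view
    width, height = screen
    area = max(0, right - left) * max(0, bottom - top)
    if area == 0:
        return 0.0
    overlap_w = max(0, min(right, width) - max(left, 0))
    overlap_h = max(0, min(bottom, height) - max(top, 0))
    return overlap_w * overlap_h / area


def flag_ghost_events(lines):
    """Return (app, ad, event, reasons) for events a user could not have caused."""
    findings = []
    for line in lines.splitlines():
        ev = json.loads(line)
        reasons = []
        frac = visible_fraction(ev["view"], ev["screen"])
        if frac < MIN_VISIBLE:
            reasons.append(f"only {frac:.0%} of ad on screen")
        touch = ev["ms_since_touch"]
        if ev["event"] == "click" and (touch is None or touch > TOUCH_WINDOW_MS):
            reasons.append("click without recent user touch")
        if reasons:
            findings.append((ev["app"], ev["ad"], ev["event"], reasons))
    return findings


if __name__ == "__main__":
    for finding in flag_ghost_events(SAMPLE_EVENTS):
        print(finding)
```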