According to a new report from Trend Micro
(via Tech Crunch
), more than 9 million Android users were duped into installing 85 apps from the Google Play
Store that contained adware. These were listed as games, TV and remote control simulator apps. The adware that these apps contained were able to push out full screen ads, ads that were hidden, and ads that ran in the background. This created revenue for those behind the scheme.
While a full list of the apps involved can be found in an appendix to Trend Micro’s report
, Google did suspend all 85. When Trend Micro tested these apps, they all exhibited similar behavior starting with a full-screen ad once the app was open. After closing the ad, typically the next screen would have a button that needed to be pressed such as “Start” or “Next.” Pressing that button would call up another full-screen ad. Once that ad was closed, users would see a screen with multiple options. Pressing on any of those buttons would result in another full-screen ad being served.
After that, the app would show that is was in the process of loading or buffering. After a few seconds, the app would disappear from the screen and the icon also disappeared from the phone
or tablet. Even though the app was hidden, a full-page ad would appear on the user’s display every 15 to 30 minutes. Ads would also appear every time the user unlocked his/her device. While the apps could be uninstalled, the user would have to act only when there was an opportunity since ads were being served so often.
One particular title, Easy Universal TV Remote (see image at the top of this article), had more than 5 million installs. However, a cursory read of the comments section should have alerted Android users to a problem with the app. One reviewer wrote, “Downloaded the app twice…ran long enough to ask me to vote for stars and then crash (sic). The app then disappeared from my phone but appeared to be installed. My guess is it continued to run ads in the background. Pure scam.”
How these adware apps worked