A collection of malicious Android apps hidden in the Google Play Store have been discovered that not only slow down the victim's device, but also generate high phone bills through annoying malware.
McAfee cybersecurity researchers said they found 16 so-called "clicker" apps with more than 20 million downloads currently.
The applications are mainly advertised as utility solutions: flashlight applications, profile downloaders, system checkers, security applications, dictionaries, currency converters, etc. In fact, the biggest app on McAfee's list is DxClean, a "system cleaner and optimizer," with over five million installations.
Automated ad clicks
Clicker apps are, as the name suggests, apps that click things. They work in the background of the device, load ads so that the user does not see them and then clicks on them, generating additional revenue for the developers. Depending on the victims' mobile data plans, these apps may also incur additional charges.
However, most of the time, they will just slow down the device and drain the battery a bit quicker.
The apps are also designed to mimic human behavior, as ad networks have become relatively good at stopping bots and don't pay revenue for clicks and automated bots. Furthermore, they are also quite good at hiding from users, delaying their activities for the first few hours after installation, to ensure that users do not notice any significant drops in performance.
While Google says it has now removed all apps from its repository, it can't remove them from users' devices, so until users remove apps, they remain at risk.
Anyone who suspects that their devices contain these kinds of apps should experiment with leaving their smartphone idle for a few hours. If it loses too much battery or shows an increase in mobile data consumption, they should remove the possible malicious applications before restarting the experience.
The full list of malicious apps can be found at this link (opens in a new tab).
Via: BleepingComputer (Opens in a new tab)