Google has removed several malicious Android apps from the Play Store after several reports that the programs were overloading users' devices. At least 38 Android apps have been identified as threats, bombarding users with out-of-context ads and intrusive browser redirects. The apps were allegedly developed by the same criminal group, which was able to obtain services from the official Play Store by disabling malvertising in the source code to bypass Google's security protections.
Beauty apps
The apps were identified by security company White Ops, who reported their findings to Google for removal. Most were beauty-related packs or filters, including selfie apps or services that promised to add various filters to users' images. Once downloaded and installed, the apps bombarded users with intrusive ads, repeatedly tried to open browsers to redirect to websites, and tried to prevent uninstallation by hiding their app icons. . Most of the apps appeared to be modified or patched versions of previous services, which few users had seen with the Play Store until the anti-adware code was removed. Although many were initially accepted into the Play Store, these original apps typically only lasted a little over two weeks on the market before being detected and removed by Google. Despite their short lifespan, White Ops has found that the 17 apps have been downloaded more than half a million times in total. In an attempt to reinstall their apps, the developers have taken a number of steps to try to trick Google into accepting them again, which mainly involves removing the malicious code completely. This would encourage the Play Store to remove the apps, which, once downloaded, would add this code back through a data update. This included the use of Arabic characters, including verses from the Qur'an, instead of English in the application's source code, hiding the malicious functionality. All apps have now been removed, and Google claims that suspicious additions will be closely scrutinized, such as those mentioned in the White Ops report. via ZDNet