There is no denying that Android is the most widely used smartphone operating system on the planet. However, the sheer ubiquity of Android smartphones has made them the target of various types of viruses and malware. In an attempt to curb this menace, Google introduced a feature known as Google Play Protect — a security feature that periodically analyzes apps installed on users’ smartphones for malicious behavior.
Google claims that its Play Protect program provides an additional layer of security to users over and above the rigorous security testing that every app on the Play Store supposedly undergoes. However, with over 3.5 million Android apps available for download on the Google Play Store, malicious apps with over four million downloads have slipped through the cracks in the past.
In the latest such example, Google removed 16 apps from the Play Store after security researchers at McAfee found that they were committing ad fraud. Interestingly, all the affected apps performed genuine utilitarian functions. What makes this news even more alarming is that these apps had a combined installation count of more than 20 million.
What did these malicious apps do?
As outlined earlier, all the affected apps performed legitimate functions like turning on the flashlight, reading QR codes, and even helping users convert measurements. However, while these apps functioned as they should, the one thing they had in common was that they silently downloaded additional code without the user’s explicit permission. This malicious code helped the developers of these apps commit ad fraud.
Once the malicious code was downloaded, these apps used Google’s own Firebase Cloud Messaging platform to repeatedly open specific websites in the background and click on ad links, all without any user intervention. The code also let these apps mimic the behavior of a typical smartphone user. The malicious code was designed to do all of this discreetly, without the user ever touching their phone. Below, we have mentioned the names of all the apps confirmed to have been affected by this malicious ad fraud.
- Cozy Camera
- Smart Task Manager
- Flash Plus
- Memo Calendar
- Candle Protest
- Smart Currency Converter
Apart from helping the developers of these apps make illegal ad money, this fraud mechanism also led to increased data consumption and poor battery life on affected devices. If you have any of these apps installed on your smartphone, now would be a good time to uninstall them.