21 Rogue Android Apps Need Removing

John Lister's picture

Security researchers have exposed more than 20 rogue Android apps that secretly load ads as part of a scam. The rogue apps perform their advertised tasks for cyber criminals, but also drain batteries and overheat phones in the process.

It's another embarrassment for Google as all the apps were found in the official Google Play Store, which is designed to vet apps to reduce the chances of malicious activity.

Remove These Rogue Android Apps Now

Researchers at ESET antivirus say they found 42 apps have been part of an orchestrated campaign running since July last year.

They were able to identify 21 apps as still being available in the Play Store during their research. Once they told Google, it removed them from the store. (Source: mirror.co.uk) However, users with any of these apps on their phone should uninstall them immediately:

  • Basketball Perfect Shot
  • DU Recorder
  • File Downloader
  • Flat Music Player
  • Free Social Video Downloader
  • Free Top Video Downloader
  • Free Video Downloader
  • Freed Radio FM Online
  • Heroes Jump
  • HikeTop+
  • Mini lite for Facebook
  • MP4 video downloader
  • Ringtone Maker
  • Ringtone Maker Pro
  • SaveInsta
  • Smart Gallery
  • Smart Notes for You
  • Solucionario
  • Tank classic
  • Video downloader
  • Water Drink Reminder

The rogue apps follow a familiar pattern. They claim to perform a simple function and deliver as promised. The problem is that in the background they are "silently" loading online ads which the user doesn't always see. The scammers then claim payment from advertisers who are unaware their ads are being delivered in this way.

Apps Spot Google Security

This particular campaign uses four specific tricks according to ESET:

  1. The apps check whether Google Play's built-in security checks are running. If so, they simply work as advertised and pause the ad delivery.
  2. They delay the point when the ads actually appear. That's partly to make sure the ads don't run while initial security software checks are operating and partly so that if users do see the ads, they don't immediately associate them with the app.
  3. They replace their icon with a shortcut, similar to those which appear on the traditional Windows desktop. If the user deletes this shortcut, the app itself remains on the phone.
  4. Rather cheekily, the code for the ad delivery is packaged under a name that includes the word "Google". That takes advantage of security tools that "whitelist" Google to avoid disabling important system tools. (Source: welivesecurity.com)

What's Your Opinion?

Have you ever noticed unexplained battery user, overheating or unwanted ads on your phone? Should Google do more to vet apps in the Play Store? How do you decide which apps are safe to install?

Rate this article: 
Average: 5 (7 votes)