Nuisance Adware Blights Google Play Again

Written by

Mobile security firm Lookout claims to have found 13 new pieces of adware in the Google Play app store, potentially affecting up to half a million users.

The firm claimed in a blog post that the new instances of adware belong to two families – HideIcon and NotFunny.

The former makes itself hard to remove from a mobile device once installed by making the icon invisible to the user – before pushing out a range of annoying advertising.

“There seem to be no terms of service and the app does not provide value to the user,” said Lookout.

The adware instance discovered by the vendor was apparently disguised as a card game and had been downloaded up to 5000 times.

The second adware family accounted for 12 of the 13 instances spotted this time around by Lookout researchers – hidden in a range of apps from a number of different developers.

“After Google removed a group of applications, the developer behind them re-uploaded two of the apps, this time with the adware component removed,” the firm explained.

“This could suggest that the developer added adware into the app without knowing its aggressive properties or didn’t understand Google’s rules. Of course, the developer could also simply have realized he or she wasn’t going to get away with it anymore as well.”

NotFunny has both dropper and payload, with the former hiding itself in wallpaper apps, ringtone apps and various other titles.

If a victim downloads this dropper it will then apparently prompt them to download the payload, which is disguised as Facebook – even down to the icon it drops onto the phone’s app launcher.

After download the payload hides itself and begins pushing aggressive ads to the user.

Lookout said Google took all 13 instances of adware down from Play as soon as it was notified by the firm, but cautioned users to be alert in the future.

It urged Android fans to do their research before downloading apps – looking especially at what permissions they request – and only to do so from trusted developers.

Adware is a persistent problem on Google Play, despite levels falling “dramatically” in 2014, according to the most recent Lookout Mobile Threat Report.

One recent development which might help rid the platform of ad-peddling software is Google’s decision to conduct manual reviews of apps before they can be uploaded.

This brings it more in line with the iOS app approvals process, although with much shorter waiting time for developers.

However, Lookout European managing director, Thomas Labarthe, argued that “no review process is perfect.”

“While we think Google does an overall good job of keeping bad apps out of the Play Store, there’s still going to be something that slips in,” he told Infosecurity. “That’s why industry collaboration is so important and people need multiple layers of security.”

What’s hot on Infosecurity Magazine?