Researchers Ring Alarm Bells As Android Adware Apps Were Installed Over 20 Million Times On Google Play

A team of security researchers from McAfee is ringing the alarm bells about a new set of malware apps that have been installed more than 20 million times through the Google Play Store.

A total of 16 different apps were highlighted as being extremely dangerous and given the label of clicker apps, which includes, High-Speed Camera (10,000,000+ downloads), Smart Task Manager (5,000,000+ downloads), Flashlight+ (1,000,000+ downloads), K-Dictionary (1,000,000+ downloads), BusanBus (1,000,000+ downloads), Quick Note (500,000+ downloads), Currency Converter (500,000+ downloads), Joycode (100,000+ downloads), Instagram Profile Downloader (100,000+ downloads) and more. These manage to make their way into the Google Play Store which most people consider to be the safest out there in terms of their Android devices. But this new report is proving otherwise.

So what are Clicker apps and are they really that dangerous? Well, you might be surprised to learn that the answer to such questions is yes!

These apps are outlined to be a type of adware that is responsible for loading all types of ads located inside invisible frames. They’re situated in the background and entail plenty of clicks that assist in making money through operators.

This ends up causing serious changes to a user’s device like poor performance, extra battery consumption and even overheating. Let’s not forget the great charges that come with mobile data too.

While all the apps highlighted by the McAfee team may have been removed from the Google Play Store after this particular report was published, the news is definitely concerning. And that has to do with the great figures attached that comprise over 20 million.

One of the worst ones outlined is called DxClean. It’s been downloaded more than 5 million times before it was labeled malicious. But overall, you’ll be amazed at the great ratings it received on the store as one of the most popular cleaners for systems out there, including a great optimizer too.

It promised to detect all sorts of slowdowns taking place on your system and even halt annoying ads that pop up. But it’s interesting to note how it was doing just the same in disguise or behind the scenes.

So how exactly do these clicker app function? Once they’re installed, these apps download their respective configurations through remote locations and need to register FCMs to get respective push texts. These entail instructions for clickers like the parameters being used and functions for calls

McAfee then went on to explain in its report how the FCM would receive a message and then meet the same condition, this caused the malicious app to begin functioning. So the main goal is to visit those web pages that get delivered through FCM means.

They will respectively scan these while trying to copy the user’s actions, as explained by researchers out there. Security experts also revealed how the app’s live posting SDKS may function alone and create ad impressions but newer versions for such apps actually entail both types of libraries.

No victim gets the chance to directly engage with the website that’s opened so it’s not likely that they’ll end up noticing any underground processes that take place such as how it makes profits for the respective remote operators.

Another strategy that it uses to avoid being caught is not starting off the activity during the first hour after app installation. So with a delayed start, users are unlikely to notice and hence carry on with their usual activity.

Experts claim that one way to figure out if you’ve got this app installed is to keep a check on battery consumption. If your system is not being used for a while and still your battery is getting drained and your data is being consumed, something is definitely fishy.

Read next: New Study Highlights The Skills Gap In The Cybersecurity Industry Due To Shortage Of Qualified Professionals
Previous Post Next Post