By virtue of being the world’s most widely used mobile operating system, powering well over 2.5 billion devices out there, Android has often been the target of malicious activity by persons with ill intent. That is to be expected for any platform of the size and stature of Android.
The consequences, however, can be quite dire to both individuals as well as enterprises. Compromise on one’s personal device can be devastating when the same device is introduced in a corporate network, for instance.
That is why every now and then, you will encounter news stories about this exploit and that exploit. That is also why, a few years ago, Google resorted to be patching up any identified exploits every month and issuing the relevant fixes to users of all devices (even though users remain at the mercy of the makers of their devices in order to access them – something that Google is keen on changing this year).
Another step taken by Google in recent years has been constantly scanning applications availed by developers through the Google Play Store and those installed by users from other sources using Google Play Protect.
However, it is obvious that that is not enough. While Google is doubling down on security and privacy with the latest version of Android, with adoption being the way they are, and monthly security updates being a distant dream for many, there’s still much more to be done.
This is why it is not that surprising to find out that at least 17 applications that have collectively amassed a user base of over half a million, managed to sneak in to the Play Store undetected and avoid the all-seeing Google scanners before infecting users’ devices with adware.
“Bitdefender researchers recently found 17 Google Play apps that, once installed, start hiding their presence on the user’s device and constantly display aggressive ads. While not malicious per se, the tactics they use to smuggle themselves into Google Play and dodge Google’s vetting system are traditionally associated with malware,” a report from cybersecurity solutions company Bitdefender states in its opening.
According to the Bitdefender researchers, in order to operate under the radar and avoid Google’s watchful eye, the offending apps would hold off displaying any ads to users for up to 4 hours after installation.
“The ads are displayed at random time intervals, making it hard for users to recognize a pattern of when ads are shown,” the statement adds.
While it’s a common thing to bash device makers for shipping software that is ridden with ads as they seek to make up for the thin margins generated by every smartphone they sell, as users we may have a little contribution to our own ad woes when we install apps ridden with adware like the 17 listed below:
While Bitdefender says that Google has been notified and these applications are being taken offline, as an added cautionary measure, if you have any of them installed just get rid of them immediately! While the apps may appear to be useful to their users – some provide some form of entertainment like games or help with utilitarian tasks – under the radar, they could be the cause of slow performance on one’s mobile device as they communicate with remote servers to load and run ads.
Even worse, some have been caught requesting sensitive user data like phone model, IMEI, IP address, MAC address and location information. Yikes!
Of course, Bitdefender would want you to stay safe from incidences like the ones they have identified in their latest report by having you use one of their products. That’s the catch (the same is true of just about any other report you might encounter on the subject).
However, while one’s discretion on this is advised, we know for a fact that that is not all and may be further from the truth. A little vigilance on your part with regards to what apps you install on your phone, no matter how glowing the user reviews on the Play Store are (if there’s any lesson we can learn from these 17 apps), might do you much better service than yet another resource-hungry app on your phone.