Once again, millions of Android users have been tricked into downloading malicious applications from the Play Store after threat actors managed to bypass the security checks Google has put in place to bar malware. Researchers with ESET have uncovered 42 malicious apps with a total of more than 8 million downloads.
While the apps seemed to perform as users would expect, they were infected with adware that would regularly display full-screen ads on the device. Many of the apps deleted their shortcut icon after installation in order to make it harder for users to delete them. The apps also collected device information to check if apps from third-party stores were allowed. If so, the apps would install more malicious software on the device. The most popular app was Video Downloader Master, with 5 million installs, followed by Ringtone Maker Pro, SaveInsta and Tank Classic, all of which had been downloaded around 500,000 times.
Read more: Millions downloaded dozens of Android apps on Google Play infected with adware