Google Pulls Sketchy Android Apps -- But Not Before Millions Downloaded Them

Android users are being warned that three apps available in the Google Play store were found to contain malicious adware. By the time the discovery was publicized, millions of people had already downloaded them.

The apps — “Durak Card Game,” “Russian History” and a Russian-language IQ test — were fairly popular, though they never reached “Candy Crush” levels of success. “Durak,” the most popular of the three, may have been downloaded up to 10 million times, according to Filip Chytry, a malware analyst for security firm Avast who detailed the situation in a blog post.

Once downloaded to a device, the apps waited a while before striking, perhaps giving victims time to download other apps and obscure the source of the problem. After as many as 30 days, the apps produced pop-up ads telling users that their phone or tablet was “infected, out of date or full of porn,” according to Chytry. Those ads included links to malicious pages instructing users to download more apps, some of which collected personal data or generated charges from text message scams.

Liz Markman, a Google spokeswoman, told The Huffington Post that the three sketchy apps had been pulled by Wednesday. But for many users, the damage was done. The BBC reports that “Durak” had been on Google Play since as far back as November 2013.

After the problematic apps were downloaded, they prompted pop-ups to appear, as one user demonstrates here.

Markman said apps are scanned for malware, spyware and Trojans as they are uploaded to Google Play, but these three clearly slipped through the cracks. Jason Hong, head of app-tracking service PrivacyGrade and an associate professor at Carnegie Mellon University, told HuffPost it’s possible that the problem came from malicious ad code rather than the apps themselves. That may have helped them evade detection.

“It’s not entirely clear whether the original app itself was malicious and they just played a long game, or used an advertising network that happened to have a malicious ad,” Hong said via email. “If you imagine that an app is made out of Lego pieces, some of these pieces are made by other people.”

In other words, the app could be capable of serving up ads from disreputable networks that try to infest your phone — a slight but significant distinction from the app itself attacking your system. Ad networks like this are often a problem for apps, as Hong told HuffPost in November, though usually they aren’t so aggressive.

Users should always make sure they read reviews before downloading an app, even from official app stores like Google Play, and they should try to download apps developed by reputable companies they’ve heard of before. Performing a simple Google search on an app before hitting “download” could save a lot of grief.

If you downloaded one of these three apps and want to clear your device of the adware, a representative for Avast said its mobile security app will fix the issue — but only if you subscribe to the premium version, which is either $1.99 monthly or $14.99 annually.

To protect your phone against malware in general, software from Avast and competitors like Lookout can be used to clean out your phone or tablet.

According to a recent report from Lookout, mobile malware exploded in the United States last year, and it’s a problem that is likely to grow in 2015.