Millions of Android users are vulnerable as a new malware that infiltrates the devices via malicious apps on Google Play store is on the prowl.
The alert comes courtesy of Avast, a security firm, which reports that the adware is installed on an Android user's device via seemingly authentic content.
Avast was alerted of the adware thanks to a user comment on its forum. This prompted Avast to conduct an inquiry which led to the discovery of the issue.
"I've found a dozen of apps in Google Play with same malicious ad sdk integrated. Each time you unlock your device the app will open ad url in background or show interstitial ad over the screen," noted the user on the forum.
Once installed, the malware/adware begins to show undesired adverts that are masked as warnings to users and alarmingly, at times the adware does not appear even after 30 days of app installation has lapsed.
So how did the malware dupe unsuspecting Android users? Every time a user unlocks his device, an advert that alerts the user about an issue is shown. For example, the advert would say that the device was out of date or infected or full of porn. The user will then be told to take action, and if the user complied and approved the action he would get redirected to fraudulent pages and scams, which may get the potential victim to download untrusted apps.
"An even bigger surprise was that users were sometimes directed to security apps on Google Play," reveals Filip Chytry of Avast. "These security apps are, of course, harmless, but would security providers really want to promote their apps via adware?"
The malicious apps included the Durak card game (has now been pulled from the store), which was installed over 15 million times. A Russian IQ test that was installed 5 million times and a Russian history app with 50,000 installs also left Android users vulnerable to adware. These apps too have been removed from the Google play store.
Unfortunately, there is no way of knowing which apps on the Google Play store are malicious.
Check out the video courtesy Andrei Mankevich, who reported the issue to Avast, below which shows what a device will look like when infected by the malware.