9 Million Users Downloaded Fraudulent Google Play Apps
Nearly ten-million users unknowingly downloaded fraudulent ad malware apps on Google Play, touted as game and photography apps. A total of 85 fraudulent apps have been identified and deleted from Google Play.
Although Google Play routinely audits and removes any policy-breaching apps, these apps were more evolved and sophisticated than their predecessors.
Once the adware apps were installed, they displayed copious amounts of advertisements to the user, generating revenue for the app developer.
Additionally, many of the apps had deceptive methods of preventing deletion. Some apps had their app’s icon hidden, and instead created a short-cut on the phone’s home screen, thus avoiding deletion via being dragged and dropped into the “uninstall” section of the phone’s screen.
Trend Micro, the company that uncovered the fraudulent apps, provided a list of these apps — including Cos Camera, Pop Camera, Super Selfie Camera, and One Stroke Line Puzzle — all had a million downloads each.
These apps all had one commonality – the sheer volume of one-star reviews on Google Play. The most common complaint was the copious amounts of advertisements. Although this should have deterred many users, this was counteracted by just as many five-star reviews. These positive reviews could easily have been purchased or disingenuous.
The issue of fraudulent apps does not just extend to adware. Often innocent-looking apps are hidden ad-fraud apps, that once downloaded generate revenue for the app developer
Ad fraud is commonly perpetrated by these malicious apps, that once downloaded go on to perform a wide array of fraudulent activities from user’s genuine phones, such as SDK spoofing, click spamming and click injection. Ad fraud is estimated to cost advertisers $5.8 Billion this 2019 according to a report by the Association of National Advertisers, based in the United States.
Interceptd discovered in their report – State of Mobile Ad Fraud 2018, that 27% of mobile ad traffic in Google Play is fraudulent.
Last year, Google removed over 700,000 malicious and fraudulent apps from Google Play. Google does not usually comment on these removals, aside from announcing their deletion.