JOHANNESBURG – ESET researchers have discovered a yearlong campaign on Google Play with eight million installs of adware by ESET as Android/AdDisplay.Ashas.
The team managed to track down the malware’s developer and discover additional adware-laden apps.
“We identified 42 apps on Google Play as belonging to this adware campaign, with 21 still available at the time of discovery. The Google security team removed all of them based on our report. However, they are still available in third-party app stores,” says Lukáš Štefanko, ESET malware researcher.
The apps provide the functionality they promise – including video downloading, simple gaming and radio play - besides working as adware. “The adware functionality is the same in all apps we analysed,” says Štefanko.
The apps use several tricks to reach users’ devices and remain undetected: checking for Google Play’s security testing mechanism; delaying the display of ads until well after the device is unlocked; hiding their icons and creating shortcuts instead.