Google Play Store Has Received a New Update

Huawei Mate 20 Pro

Security researchers have discovered a new form of adware buried in more than 200 hundred Android apps listed in the Google Play Store that may have infected in excess of 100 million users.

However, some apps may need location even when the app is not in use.

Other popular simulator apps affected by the bad SDK with at least five million installs included Hoverboard Racing, Real Tractor Farming Simulator, Ambulance Rescure, Heavy Mountain Bus Simulator 2018, Fire Truck Emergency Driver, Farming Tractor Real Harvest Simulator, Car Parking Challenge, Speed Boat Jet Ski, Water Surfing Car Stunt, Offroad Wood Transport Truck Driver 2018, Volumen booster & Equalizer, Prado Parking Adventure, and Oil Tanker Transport Truck Driver.

Users likely wouldn't notice the malicious app since the malware instructs the device to remove the app icon from the device launcher, making it harder to uninstall the app while it displays ads in the background. Apps will have to provide new permissions when targeting Android Q. If an application is targeting Android 9 and lower, the permissions will be automatically added, the company explained.

This was feared to have left over 36million Android devices infected by dozens of apps found on the Google Play Store. That means a modelling app could be used to create 3D images or support AR photography. "These updates will help us all provide a more unified and consistent look and feel for Google Play, allowing us to better showcase your apps and games and provide a higher quality user experience", concluded the blog for Android developers.

Past security research has also uncovered hackers exploiting fake antivirus apps to trick unassuming users into downloading malware to their devices. As of May 1, new apps submitted to the Google Play Store will not be accepted if they don't follow the new icon guidelines. AV Comparatives says it found more apps this year doing this than it did during tests the organization conducted last year. "AV Comparative gives an example of JSON - JavaScript Object Notation - a whitelist that includes an entry for ".com.Adobe".

AV-Comparatives reports that just 80 of the 250 apps detected more than 30 percent of the 2,000 malware samples with no false positives (100 non-malicious control apps were installed as well).

These apps even detected themselves as malicious.

One potential problem, however, is that the change seems to affect any app running under Android Q, whether that app targets the version of Android or not.

The desktop scams became more sophisticated later.

Related:

Comments


Other news