Learn What IT Pros Need to Know About Windows 11 - August 26th at 1 PM ET! Learn What IT Pros Need to Know About Windows 11 - August 26th at 1 PM ET!

Millions of Android Devices Infected by Malicious Apps

Lest there be any doubt that Android is the new Windows, Google has just pulled three adware-distributing apps from its Play Store, but only after several millions devices were infected. The search giant finally removed the apps after security firm Avast alerted it to the dangers, but there is evidence that Google knew about the suspicious apps for weeks.

In a somewhat self-serving post in which it also promotes its Android security app, Avast explains how one of the three apps functioned.

“It seems to be a completely normal and well working gaming app,” Avast’s Filip Chytry writes. “This impression remains until you reboot your device and wait for a couple of days … Each time you unlock your device an ad is presented to you, warning you about a problem, e.g. that your device is infected, out of date or full of porn … You are then asked to take action. However, if you approve you get re-directed to harmful threats on fake pages, like dubious app stores and apps that attempt to send premium SMS behind your back or to apps that simply collect too much of your data for comfort while offering you no additional value.”


Sponsored Content

Read the Best Personal and Business Tech without Ads

Staying updated on what is happening in the technology sector is important to your career and your personal life but ads can make reading news, distracting. With Thurrott Premium, you can enjoy the best coverage in tech without the annoying ads.

It’s a classic adware scheme in other words, one that relies almost solely on social engineering. But in a case like this, it falls on Google, as the arbiter of the platform’s app store, to ensure that the apps it approves meet criteria for reliability, usability and, yes, security. That’s the benefit of any first-rate mobile app platform, whether it’s from Amazon, Apple, Google, Microsoft or any other company.

Avast doesn’t address that issue, though it notes that one of those apps was downloaded between 5 and 10 million times.

But the three apps that Google just pulled—an English language card game, and an IQ test app and history app aimed at Russian speakers—were clearly suspicious and should have been caught during Google’s app approval testing process. And according to feedback in Avast’s forums, Google had been fielding complaints about these apps since last month. Worse, users examining the apps’ package files were able to easily identify the malicious bits, including the timer for when the app starts displaying bogus pop-ups on the device. This behavior wasn’t even well-hidden.


Maybe it’s time for some kind of a security overhaul of the world’s most popular mobile computing platform. Google might give it on obvious name. Something like, oh I don’t know, Trustworthy Computing.

Related Topics:


Don't have a login but want to join the conversation? Sign up for a Petri Account

Comments (0)

Leave a Reply

Paul Thurrott is an award-winning technology journalist and blogger with over 20 years of industry experience and the author of over 25 books. He is the News Director for the Petri IT Knowledgebase, the major domo at Thurrott.com, and the co-host of three tech podcasts: Windows Weekly with Leo Laporte and Mary Jo Foley, What the Tech with Andrew Zarian, and First Ring Daily with Brad Sams. He was formerly the senior technology analyst at Windows IT Pro and the creator of the SuperSite for Windows.

Register for Advanced Microsoft 365 Day!

GET-IT: Advanced Microsoft 365 1-Day Virtual Conference - Live August 24th!

Join us on Tuesday, August 24th and hear from Microsoft MVPs and industry experts about how to take advantage of Microsoft 365 at a technical level and dive deep into the features and functionality that will make your environment more secure and compliant.


Sponsored By