Google Play Apps With 150 Million Installs Contain Aggressive Adware

Researchers from Checkpoint Software have identified a massive adware campaign that invaded the Google Play Store with more than 200 highly aggressive apps that were collectively downloaded almost 150 million times. "The 210 apps discovered by researchers from security firm Checkpoint Software bombarded users with ads, even when an app wasn't open," reports Ars Technica. "The apps also had the ability to carry out spearphishing attacks by causing a browser to open an attacker-chosen URL and open the apps for Google Play and third-party market 9Apps with a specific keyword search or a specific application's page. The apps reported to a command-and-control server to receive instructions on which commands to carry out." From the report: Once installed, the apps installed code that allowed them to perform actions as soon as the device finished booting or while the user was using the device. The apps also could remove their icon from the device launcher to make it harder for users to uninstall the nuisance apps. The apps all used a software development kit called RXDrioder, which Checkpoint researchers believe concealed its abusive capabilities from app developers. The researchers dubbed the campaign SimBad, because many of the participating apps are simulator games.

"With the capabilities of showing out-of-scope ads, exposing the user to other applications, and opening a URL in a browser, SimBad acts now as an Adware, but already has the infrastructure to evolve into a much larger threat," Checkpoint researchers wrote. The top 14 apps were collectively downloaded a whopping 75 million times, with the No. 1 app receiving 10 million installs and the next 13 getting 5 million downloads each. The next 53 each received 1 million downloads. The remainder received 500,000 or fewer downloads each. Checkpoint has a full list of all the apps here.

It's a good thing...

Google apps aren't debt-financed because malware doesn't pay the bills.

Re:It's a good thing...

Google has 98,700 employees and yearly revenue in excess of $100 Billion.

But they can't be bothered to check apps for malware when they are submitted.

How nice.

Re:It's a good thing...

But... but... but I thought proprietary software was supposed to be trustworthy! The developers are being paid, that means they have the incentive to secure things, unlike all those *lazy volunteers* in open source! Right? RIGHT?!?!?!

Kudos for actually having a link with the apps

[bobstreo]

It's almost a first for /.

Does anyone have a good list of IPs to block to make the ads in all the apps unreachable?

Re:Kudos for actually having a link with the apps

[Cthefuture]

Install F-Droid then install AdAway from it. Or just install AdAway from the apk. AdAway requires root because it uses the hosts file to block ads. Works good although it will block almost all ad referral links which can be annoying if you actually want to go to an ad-sponsored link.

Re: Kudos for actually having a link with the apps

Hosts files are for brainless psychopaths like APK who literally add no value too humanity

Re:Kudos for actually having a link with the apps

[rtb61]

I have a better solution. Google control that store and clearly they do not give a fuck about the products they sell as long as they get a share of the profits. They only 'care' when they are caught out and forced to do something.

They control the store, they do so as cheaply as possible and fuck the customers, time to make them pay for that attitude, especially based upon the scale that they do it, literally creating a system on purpose to allow hundreds of millions of people to be ripped off, again and again and again.

Make the fuckers at Alphabet/Google pay and make them really pay, for their cheap arse maximise profits criminal negligence.

Re: Kudos for actually having a link with the apps

That is all very nice, but once I root my phone, 5 apps stop working. So that is not an option. Google is preventing anybody else from solving this problem, so they should step up to the game.

Re:Kudos for actually having a link with the apps

[tlhIngan]

I have a better solution. Google control that store and clearly they do not give a fuck about the products they sell as long as they get a share of the profits. They only 'care' when they are caught out and forced to do something.

They control the store, they do so as cheaply as possible and fuck the customers, time to make them pay for that attitude, especially based upon the scale that they do it, literally creating a system on purpose to allow hundreds of millions of people to be ripped off, again and again and again.

Make the fuckers at Alphabet/Google pay and make them really pay, for their cheap arse maximise profits criminal negligence.

You have to remember though, the Google Play Store was supposed to have no oversight whatsoever. It was a response to the Apple App Store Approval Process which was raising a bunch of articles about apps being rejected.

So Google simply adopted a "pay us $35 and post as many apps as you want and we will not reject apps". As Apple rejected apps, Google would happily take them.

Of course, the reality is it's actually easier to be extremely restrictive in the beginning and loosen the rules later, than to be loose and unrestricted in the beginning and having to tighten the reins.

Re:Kudos for actually having a link with the apps

[Bob_Who]

Make the fuckers at Alphabet/Google pay and make them really pay, for their cheap arse maximise profits criminal negligence.

Amen, brother... .. .. ...Well, at least we've got religion, if nothing else.

Re: Kudos for actually having a link with the apps

Don't you try to force religion on ME. Don't tread on me.

It's all shovelware games & a few volume apps

[rsilvergun]

plus one or two photo editing apps. Basically if you don't install dodgy apps it's not a problem. The only odd thing is how many folks don't know any better.

Surprise, surprise! *GOOGLE* is adware

Google is nothing but intrusive, aggressive, evil adware.

Why does TFS make the Google app store being full of intrusive, aggressive, downright evil adware to be surprising?

Re: Surprise, surprise! *GOOGLE* is adware

Well there are some good prank apps. For example, there's an app that makes all your favorite app icons disappear. It's a laugh and a half let me tell you. Real worthwhile people making these things.

Re:It's all shovelware games & a few volume ap

[Freischutz]

plus one or two photo editing apps. Basically if you don't install dodgy apps it's not a problem. The only odd thing is how many folks don't know any better.

You would be amazed at how many people do exactly that. Trying to get them to stop installing free games and dumb-ass gimmick apps is pretty much hopeless, I know that because I have tried. Also, some of these 'dodgy' apps are not at all obviously dodgy like the games and gimmick apps are. I've seen examples of malicious apps that are both not free, and do quite useful things from the user's point of view. Dodgy apps are not always easy to spot.

Re: It's all shovelware games & a few volume a

I wouldn't know. I haven't used an android since I tried one out at the store one time and it made a horrible noise and froze up.

pssst

Android is aggressive adware.

Re: pssst

>In computing, a Trojan horse, or Trojan, is any malicious computer program which misleads users of its true intent.

This sums up Android perfectly.

Re: pssst

[astrofurter]

That sums up the majority of companies in Surveillance Valley.

Re:It's all shovelware games & a few volume ap

[sexconker]

It's not even shovelware. It's farmware.

Do you really think "Man Casual Shirt Photo Suit" has 500,000 legit downloads? Or that "Christmas letters to santa and three wise man" has 100,000?

These apps are downloaded almost exclusively by Chinese slaves in click farms in an attempt to get them boosted on the store's charts. It's all about feeding the algorithm in the hopes that some actual people get suckered in and get subjected to the ads.

Guess I'm stuck with Apple

[jeff4747]

I was thinking of leaving Apple's walled garden with my next phone upgrade. I was already kinda hinky about switching due to all phone vendors that stop OS upgrades so quickly, leaving me with only Pixel models to choose from. This pretty much pushes me back inside the fence.

Re:Guess I'm stuck with Apple

[doubledown00]

Welcome back.

Re:Guess I'm stuck with Apple

Third option: Flip phones. They still make them.

Re:Guess I'm stuck with Apple

I was thinking of leaving Apple's walled garden with my next phone upgrade. I was already kinda hinky about switching due to all phone vendors that stop OS upgrades so quickly, leaving me with only Pixel models to choose from. This pretty much pushes me back inside the fence.

I'm getting a kyocera flip phone for my birthday! Wish I could get it early, but I have to wait till june.

An ad company

[AHuxley]

will do ads.

Re:An ad company

[stevez67]

Only, there's nothing benign about it.

Google is poorly managed?

[Futurepower(R)]

"Google ... can't be bothered to check apps for malware..."

To me, that seems evidence that Google is very poorly managed. Android became the foundation of a HUGE amount of abuse. Why? Doesn't anyone at Google realize the company is self-destructive?

Today: Google faces third EU antitrust fine next week. (Mar. 15, 2019)

Last year: EU fines Google $5 billion over Android antitrust abuse. (July 18, 2018)

Re:Google is poorly managed?

[Bob_Who]

Google, a publicly owned and traded American international corporation, has all the same interests and incentives as the rest of the corporate superpowers that dominate capitalist world trade.

They are likely performing on par. In other words, they are all screwing over the public interest insofar as its profitable for them in their lifetime. They don't care beyond that. Its how the "middle class" pays for their retirement in the form of 401k accounts that are expected to out perform inflation in an investment climate in which savings and bonds can not keep up with it.

What do you suppose that costs society? These very results, for one, are precisely the level of commitment to integrity and social responsibility that we are likely to receive from any of them if we don't put our foot down and pass some sensible legislation.

Oh, wait...we need a functional government and congress for that....never mind,.. we're doomed

Re:It's all shovelware games & a few volume ap

Just stay away from popular apps. They are always the shittiest, most ad and IAP filled apps.

Better yet, install F-Droid and enjoy tons of totally free, high-quality apps with zero malware, ads or IAPs.

Apps Are Craps

This is what you get with app store apps. Remember if you're not the customer you're the product.

Google and YouTube is aggressive adware

but of course we cannot speak about that. It's only when _foreign_ apps and businesses start taking too big shares of the ad revenue that we have to make them out as dangerous.

Re: Kudos for actually having a link with the app

Why would apps stop working if you root your phone? I run LineageOS with root and haven't found anything that doesn't work.

That's Google

You just described Google in a nutshell. They don't care about consumers, only their money

Re: It's all shovelware games & a few volume

Then you're a dick.

You're a wee bit outnumbered... apk

Cthefuture, Mr. Dollar Ton, betsuin, spywhere, devlp0, Ross Finlayson, FudRucker, BlueStrat, Doke, Known Nutter, 110010001000, mmell, allo, gosand, gordoguide, sit1963nz, TheDarkMaster, Reziac, holophrastic, snookiex, rrohbeck, Zeio, Type44Q, Opportunist, 101percent, alexgieg, xenotransplant, chihowa, wonkey_monkey, vel-ex-tech, Sam36, BronsCon, Nunya666, 24-bit Voxel, Jody Bruchon, Timex, nukenerd, ratboy666, mmell, tgibson, grumpy_old_grandpa, aaaaaaargh!, Dave420, rrohbeck, bmo, dlang_rocks, Kernel Krumpit, aNonnyMouseCowered, ldbapp, phantomfive, the_povinator, satch89450, Vlad_the_Inhaler, plasm4, Anubis IV, ciaran2014, mcmonkey, Artem Tashkinov, TheDarkMaster, Magnum7385, Lumpy, justthinkit, nimbius, fyngyrz, peragrin, MTEK, KGIII PhD mathematics, fustakrakich, Dwedit, UnknownSoldier, gl4ss, sootman, TestedDoughnut, TempestRose, lennier1, ScottCooperDotNet, Bill Dog, drinkypoo, Culture20, Rick17JJ, Ol Olsoc, icebraining, Trax3001BBS, fahrbot-bot, EdIII, bLanark, RocketRabbit, TheRealGrogan, Martin Blank, CAIMLAS. drakaan, Dynedain, Lime Green Bowler, Bob9113, wolrahnaes, raju1kabir, mrbcs, gweihir, frovingslosh, tepples, kimvette, Geeky, humanrev, maestroX, phrostie, ElectricTurtle, mattbee, VShael, AndGodSed, jafiwam, i.r.id10t, NeverVotedBush, falconwolf, BrokenHalo, orclevegam, cyberjock1980, Teun, Molochi, Thud457, nasredin, cfalcon, lgw, gad_zuki!, furby076, JazzLad, jandrese, halcyon1234, Anonymous Admin, houghi, drooling-dog, dracocat, betterunixthanunix, someones, sqrt(2), cratermoon, bmo, fast turtle, Kris_J, SydShamino, Technician, pjkeyzer, srmalloy, schwit1, mrbcs, KingAlanI, ksemlerK, Scorch_, Mechanic, NealBScott, Anubis IV, crutchy, damn_registrars, couchslug, green1, wakeboarder, Gothmolly, lesincompetent, ls671, DigiShaman, P. Don, Yaa 101, qwertyatwork, dehole, Em Adespoton, CAOgdin, schwit1, MightyYar, RJFerret, idontgno, technosaurus, bemymonkey, wickerprints, noh8rz10, sexconker, sandbagger, NewWorldDan, Karmashock, aNonnyMouseCowered, Dracos, keith_nt4, networkzombie, jafiwam, JohnFen, SigmundFloyd, EETech1, duck_rifted, The MAZZTer, Anonymous Brave Guy, plasm4, holophrastic, Baki, StikyPad, kermidge, SuperKendall & me!

APK

P.S.=> You're outnumbered 250++:1 against you in /.ers that use hosts & MILLIONS more online that do too... apk

Re:It's all shovelware games & a few volume ap

[sad_]

nothing ever changes, people basically do the same thing on windows.
download and install the most stupid application from any site, no matter how sketchy, just because they think it is funny/handy/...
we've all seen those pc's, they barely work anymore.