Like other app stores, Android’s Google Play Store attempts to mitigate the risk of malware exposure within their approved apps. Unfortunately, malware authors are finding ways to worm their way past these controls.
Most recently, cyber criminals developed an ad-serving platform which was included in approximately 200 different Android apps, likely without the knowledge of the app developer. This “ad-serving platform” would leave a backdoor open for malware to be installed on the device. Beyond the backdoor, the platform would also scan the device’s web browsing history and serve up fake ads to generate fraudulent revenues.
Since being found, the apps have been removed from the Google Play Store; however, that does not uninstall it from every device these apps can be found on. In total, the impacted apps have been downloaded over 150 million times. Due to the sheer magnitude of the download numbers and the number of impacted apps, it is important for Android users to do the following:
- Review a list of all the impacted apps here
- If the infected apps are installed, delete them immediately
- After successful deletion, clear all cookies then run a security scan to remove any potential malware installed through the backdoor
** If the Android devices do not have antivirus protection installed, it is important users do so immediately.