Not a good look for Android

Picture: PC Mag

Matthew Humphries

to the

PCMag

2020-01-15 20:17:27 UTC

Follow @https: //twitter.com/PCMag

PCMag.com is a leading authority in the field of technology and offers laboratory-based, independent reviews of the latest products and services. Our industry analysis and practical solutions help you make better buying decisions and get more out of the technology.

We all rely on Apple and Google to keep malicious software out of the app stores. However, the review system used by Google for Android apps is in urgent need of review. 17 tested and popular apps have hidden their presence on devices and shown users aggressive ads.

The apps in question are listed below and have been downloaded over 550,000 times:

Auto racing 2019

4K Wallpaper (Background 4K Full HD)

Backgrounds 4K HD

QR Code Reader and Barcode Scanner Pro

File manager Pro – Manager SD card / Explorer

VMOWO City: Speed ​​Racing 3D

barcode scanner

Screen stream mirroring

QR Code – scan and read a barcode

Period tracker – cycle ovulation women

QR & Barcode Scan Reader

Backgrounds 4K, Backgrounds HD

Smart data transfer

Explorer file manager

Weather radar today

Mobnet.io: Big Fish Frenzy

Clock LED

As Bitdefender reports, none of the apps are classified as malware, but the best way to summarize what they’re doing is “riskware”.

Each app uses a number of techniques to bypass the Google verification system and ensure that they get into the Play Store. These techniques include: “Wait 48 hours before hiding their presence on the device, split the app’s code into multiple resource files, and turn off ads until 4 hours after the app is installed.”

Ads will then appear regularly but randomly, making it very difficult to spot a pattern. A job scheduling system decides when a new ad may appear. This can be triggered when a user is in the app and presses keys, or outside the app if, for example, the device is unlocked.

Deceiving Google that the apps are not malicious seems to be an exercise to present themselves as “average”. The right files are part of the apps, and the long delay before ads appear, combined with the randomness with which they are triggered, seems to be enough to fool the review system. Some user reviews flagged these apps as adware, but they stayed active on the Play Store regardless.

Bitdefender has reported all 17 apps to Google and they will be removed from the store.

This article was originally published by PCMag

Here

,