A total of 50 malicious apps have managed to bypass Google’s security checks and land on the Google Play store, leading to millions of installs on Android devices. ZDNet reports: Now, the cybersecurity team from Avast have found a further 50 apps relating to lifestyle services which masquerade as legitimate software but are actually adware, and these malicious apps have been downloaded a total of 30 million times. On Tuesday, Avast published a report on the discovery, in which the apps are linked to each other through third-party libraries that “bypass the background service restrictions present in newer Android versions.”
“Although the bypassing itself is not explicitly forbidden on the Play Store, Avast detects it as Android:Agent-SEB [PUP], because apps using these libraries waste the user’s battery and make the device slower,” the researchers say. “The applications use the libraries to continuously display more and more ads to the user, going against Play Store rules.” Each app displays full-blown ads to users, and in some cases, will also attempt to lure viewers to install additional adware-laden applications. The malicious apps include Pro Piczoo, Photo Blur Studio, Mov-tracker, Magic Cut Out, and Pro Photo Eraser. Installation rates range from one million to one thousand.