NewsOnline Security

Infected Google Play Apps: Screen Off, Ads On!

No matter what device users are holding, downloading applications can sometimes be a hassle, especially when they get them from untrusted sources. That’s why official App Stores such as Google Play for Android exist. However, even the almighty app library slips and delivers infected apps to millions.

In a recent incident, Google Play Store was infiltrated with various applications that managed to harness over 2.5 million downloads. However, as these apps may seem convenient, they do have some shady practices in the background.

This particular predicament sees normal ads that function normally. Unfortunately, when the screen is off, they start loading ads without the users’ knowledge or consent. What apps are in question? What’s the risk? Find out below.

Infected Google Play Ads – Disruptive Ads in the Background

As we mentioned, Android users can download apps from any source, including untrusted ones. That’s why it’s always recommended to get content from official stores. In their case, it’s Google Play.

However, recently, Google Play has been slipping up in the security department, allowing threat actors to spread infected applications through its library.

In fact, a while back, threat actors preyed on the users’ urge for convenience to inject spyware into their devices. This particular attack came in the form of two file management apps on the Google Play Store.

Another incident saw the popular app library hosting a new Android malware distributed as an advertisement SDK – SpinOK.

Yes, Google Play Store had a rough couple of years, and threat actors don’t seem to be stopping their malicious practices targeting Android users.

Now, the new attack sees Play Store hosting 43 Android applications with 2.5 million installs. These apps seem harmless on the outside.

However, when the screen is off, they secretly display advertisements, running down the device’s battery. The apps in question reflect TV/DMB Players, Music Downloaders, News, and Calendar applications.

Infected Google Play Apps
Source: McAfee

In normal cases, Android phones utilize the “Power Saving” feature that prevents apps from running in the background when the phone is not being used.

This prevents it from consuming network resources, memory, as well as CPU. These applications prompt the users to add them to a list where they’re excluded from that feature.

This allows the malicious apps to run in the background and perform all their practices without interruptions.

Malicious Apps Background

According to McAfee, all the apps have been removed from Google Play. If you’ve downloaded any of them, make sure to uninstall them immediately.

Such practices prove to be very dangerous, especially as they disrupt your device’s functionality. Delete them and stay safe.

Infected Apps – Hiding in “Play” Sight

When it comes to downloading apps, always exercise caution and carefully evaluate the permissions they ask for.

Never give an app permission to any feature that it doesn’t need to operate. This can lead to devastating results, as threat actors are always on the lookout for an opportunity to strike.

Jonathan Beesly

Jonathan is the main author at He regularly publishes posts that aim to introduce better cyber-security practices to the masses.

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Related Articles

Back to top button