Google has begun removing a plethora of apps from the Google Play store belonging to a major developer following an investigation into the apps and their widespread ad fraud practices.
A BuzzFeed News investigation uncovered these illicit practices, conducted by Chinese app developer DO Global, which is in part owned by tech giant Baidu.
The publication found that a minimum of six mobile applications offered by DO Global were deploying adware which enforced click-fraud even when users were not actively present in the app.
Click fraud is often embedded in apps and online services to generate clicks fraudulently in order to receive payouts by advertising networks.
The apps in question were posted under generic publisher names and did not disclose they were owned by DO Global, which is in itself a violation of Google Play policies.
DO Global's six adware-laden apps were quickly removed, leading to a further 40 applications from the same developer vanishing from the store. Before the crackdown, the developer offered approximately 100 applications with over 600 million installs between them.
Google did not respond to the publication's request for comment but a source close to the matter implied that DO Global may be issued an outright ban for its activities.
In a statement to the publication, Do Global said that an internal investigation is underway and there are "irregularities in some of our products" use of AdMob advertisements, Google's mobile advertising service.
This "regrettable" finding has meant that Do Global "fully accepts" Google's decision to remove the applications.
"Moving forward, we will strictly follow relevant regulations and continue conducting a comprehensive review of our products," the company said. "[...] We offer our sincere apologies."
Last week, researchers from Avast uncovered 50 Android applications in the fitness and lifestyle Google Play categories which had managed to circumvent the platform's security barriers in order to serve adware to users. The apps in question were downloaded roughly 30 million times and were connected to each other through third-party libraries used to issue malicious code.
Check Point has previously discovered 206 applications in the Google Play store containing the SimBad malware which is not only able to act as adware but is also capable of committing spear phishing attacks. These malicious apps had been downloaded a combined 150 million times.
Previous and related coverage
- Trojanized TeamViewer used in government, embassy attacks across Europe
- Malicious lifestyle apps found on Google Play, 30 million installs recorded
- Google agrees to pay $3.8 million to Louisville to clean up failed fiber roadways
Have a tip? Get in touch securely via WhatsApp | Signal at +447713 025 499, or over at Keybase: charlie0