Android security: Are you using these popular apps that secretly click on ads?

Apps with 1.5 million downloads were in the Google Play Store for almost a year before they were spotted, used a new trick to remain under the radar.
Written by Steve Ranger, Global News Director

Two Android apps available in the Google Play Store, which had racked up over 1.5 million downloads between them, used a new trick to secretly click on ads without the knowledge of smartphone users. 

According to researchers at security company Symantec, the two apps were in the Play Store for almost a year before being discovered. After Symantec told Google about the behaviour of the apps they were removed from the app store. 

The two apps – a notepad app called 'Idea Note: OCR Text Scanner, GTD, Color Notes' and a fitness app 'Beauty Fitness: daily workout, best HIIT coach' – were packed using legitimate packers originally developed to protect the intellectual property of Android applications, Symantec said. As these packers can change the flow of an Android Package Kit this makes it more difficult for researchers who want to understand its inner workings. 

MUST READ: Android Google Play app with 100 million downloads starts to deliver malware

The apps also use a sneaky way to display ads while keeping them hidden from the user, effectively placing the adverts outside of the device's viewable screen area – which means the user simply can't see it. 

"Using this tactic allows advertisements, and any other potentially malicious content, to be displayed freely. The app can then initiate an automated ad-clicking process that produces ad revenue," Symantec said. But as the app generates these 'ghost' clicks on ads to make money, users could find their smartphone batteries drained, their device slowing down or even running out of data, thanks to frequent visits to ad websites. 

READ MOREWhatsApp is among the most blacklisted apps in the enterprise

"The apps' use of Android packers and the unusual method of hiding advertisements adds a level of complexity for security researchers," said Symantec. Symantec said it "strongly" encourages users to manually uninstall these apps from their devices. 

Earlier this year Google, revealed that malware installed from Google Play grew by 100 percent last year. But the company says the main reason for the growth is that for the first time its definition of "potentially harmful apps" now includes click-fraud apps


Editorial standards