Android users have yet more apps they need to make sure aren’t infecting their smartphones. The latest alert comes via the team at White Ops Satori Threat Intelligence and Research who discovered 19 nasty applications that are capable of filling devices with unwanted and highly irritating adverts. This adware was able to take over the moment the device was unlocked and plugged into a charger and was even able to launch its annoying attack whether the infected app was open or not.
To make matters worse, some of the apps were able to hide from users by disappearing the moment they were downloaded. This trick is often used by hackers as it makes it much harder for people to find and delete the applications from their devices.
The White Ops Team say they identified the apps after seeing suspiciously high volumes of ad traffic during their threat hunting investigations.
After looking more closely at those apps and their similarly-developed counterparts, White Ops discovered code facilitating out-of-context adverts as well as a pretty clever way to evade detection.
The apps it investigated in the course of its research did not function as advertised and had more than 3.5 million downloads.
Android warning as Google Play Store apps targeted with adware
White Ops dubbed this investigation CHARTREUSEBLUR with the majority of apps featuring in the attack including the word “blur” in their package name. Many also purport to be photo editors – a popular type of download from the Store – which claimed to allow a user to blur sections of an image in their photo gallery.
With the threat confirmed, Google has since removed the applications from its Play Store but it’s now vital Android owners delete them from their phones. (see the full list at the bottom of this article).
The Satori Team say they continue to monitor this threat and will identify any emerging adaptations and new apps.
However, there are some top tips to help avoid being duped before apps are discovered and deleted by Google.
Google has now banned the apps from the Play Store
Here are some questions a user can ask to help identify potential fraudulent ones:
• Do the reviews talk about ads popping up all the time?
• Do the reviews talk about the app disappearing or being unable to uninstall it?
• Do the reviews have a lot of complaints that the app doesn’t work as advertised?
• Are there a lot of 5-star reviews but the recent reviews are mostly 1-star?
• Does the app publisher have a lot of downloads in a very short amount of time?
If the answer is yes to any of the above, then it might be bogus.
Here’s all the apps that were deleted in the latest attack.
Auto Picture Cut • 100,000+ installs
Color Call Flash • 50,000+ installs
Square Photo Blur • 500,000+ installs
Square Blur Photo • 500,000+ installs
Magic Call Flash • 50,000+ installs
Easy Blur • 100,000+ installs
Image Blur • 100,000+ installs
Auto Photo Blur • 100,000+ installs
Photo Blur • 500,000+ installs
Photo Blur Master • 100,000+ installs
Super Call Screen • 100,000+ installs
Square Blur Master • 100,000+ installs
Square Blur • 50,000+ installs
Smart Blur Photo • 500,000+ installs
Smart Photo Blur • 500,000+ installs
Super Call Flash • 100,000+ installs
Smart Call Flash • 50,000+ installs
Blur Photo Editor • 5,000+ installs
Blur Image • 10,000+ installs