Here we go again: of the applications on the Google Play Store have proven to be malicious, since they hide “unwanted code”. The discovery this time is by Avast.

The following is the full press release.

Press release: Rome, July 1, 2020 – Avast researchers, the world leader in cybersecurity, have discovered an impressive HiddenAds campaign, that is, unwanted advertising hidden in 47 applications on the Google Play Store, downloaded a total of 15 million times. The campaign uses a family of Trojans disguised behind popular online games, which actually only serve to display unwanted ads.

Once the app is downloaded, a timer is started which authorizes the user to play for a certain period of time, after which the app starts showing unwanted advertisements, also managing to steal personal information, geolocate the user himself and more.

The app can still be uninstalled through the device management features but requires the user to search for the source of the ads.

The initial detection by Avast researchers was made thanks to the comparison of this campaign with a previous one of the same type, always present on the Play Store. After further analysis via apklab.io – the mobile platform to detect Android threats designed by Avast – Avast researchers have been able to identify a broader campaign involving 47 applications.

It has been confirmed that it is a single HiddenAds campaign thanks to negative reviews on the Play Store which confirm that these apps interrupt the user experience; also these apps manage to hide their icon on the device and allow the display of external ads. Another identifying factor of the malicious campaign is that the developer has only one app and a generic email address on his official profile. Likewise, the terms of service are identical among the detected apps, probably indicating a campaign organized by a single developer.

For avoid downloading malicious apps from the Play Store, it is good to follow these four simple steps:

Check carefully the permissions required by the app before installing it: if the app requires data it doesn’t need, it could be a signal that something is wrong.

Always read the privacy policy and the terms and conditions.

Check user reviews: if there is a large number of negative comments, it is good to reconsider the download of the app.

Download antivirus on your mobile device so that adware and other malicious apps are identified and blocked.

End of the press release. For more details, you can consult the Future Time Security (Avast) blog. A complete list of the 47 apps involved is not available, but an image enclosing them has been disclosed 19 most downloaded apps. We advise you to uninstall them immediately if they are present on your device.

In any case, it is certainly not the first time that malicious apps are discovered on the Play Store.