Almost two and a half million Android and iPhone users downloaded seven adware apps from the Google Play Store and Apple App Store, according to research by a cybersecurity company.

Many of the apps were being promoted via TikTok and Instagram accounts – one of which had over 300,000 followers. Detailed by cybersecurity researchers at Avast[1], the apps have been brought to the attention of Apple and Google.

The apps themselves are all relatively simple – prank applications to 'shock' friends, music downloaders and wallpaper apps, but they all aggressively display pop-ups which either outright charge users for using additional functions, or display adverts that take up the entire screen, requiring users to click on them to remove them. Both schemes generate revenue for those behind the apps.

One of the ways the apps have managed to bypass the security protections of the official Android and Apple app stores is that they're HiddenAds trojans[2], which, while appearing legitimate to app store protections, have their malicious functionality pushed from outside the application.

That means the activity only emerges once the app has been installed by the user and the permissions provided enable the app to receive instructions from outside the app, which in this case are to display intrusive adverts and demand individual charges of up to $8 from users.

"The apps we discovered are scams and violate both Google's and Apple's app policies by either making misleading claims around app functionalities, or serving ads outside of the app and hiding the original app icon soon after the app is installed," said Jakub Vávra, threat analyst at Avast.  

The apps that have been removed from Google Play
