Many Android apps have been installing adware for half a year

Tens of thousands of apps were recently discovered

When you purchase through links on our site, we may earn an affiliate commission.Here’s how it works.

Tens of thousands of Android applications were recently discovered pushing adware on the devices for months.

This is according to a new report from cybersecurity researchers Bitdefender. After deploying an anomaly detection feature to its mobile security solution last month, the company found 60,000 unique apps that pretended to be various security, utility, and entertainment apps but were in reality just pushing adware.

The apps were being distributed through third-party websites, propped up solely for the distribution of malicious apps. None of the apps were found on thePlay Store, it seems. Bitdefender says that it’s likely that the 60,000 number is not final and that the number of malicious software is probably a lot bigger.

Fake uninstall

The threat actors would create these websites and then get them as high onGoogle’s search engine results pages (SERP) as possible, probably also utilizing other distribution channels, such as social media sites, instant communications apps, email, and more.

Once the victim installs the app on their endpoint, it would tell them it is unavailable in their region, and offer a quick way to uninstall it. However, the uninstallation process would never happen, and the apps would simply remain on the device.

Over 50 Chinese apps banned in fresh crackdown by the Indian government>Windows 11 now has much better protection against brute-force attacks>These are the best VPNs right now

The developers also deployed a couple of other obfuscation methods to make sure the adware remains hidden onAndroiddevices for as long as possible.

Firstly, the apps don’t automatically run once downloaded, as that would require additional privileges which would likely raise suspicion among the targets. Instead, they go the route all other apps take and wait for the users to run them.

Are you a pro? Subscribe to our newsletter

Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!

Secondly, after the “uninstall” process, the apps go to sleep for a few hours, after which they would register two “intents” that make the app launch upon reboot or device unlock. The intents themselves are “asleep” for the first two days.

As usual, the best way to protect against such threats is to make sure to only download software from legitimate sources.

Via:BleepingComputer

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.

TP-Link Archer BE3600 Wi-Fi 7 Router review

Ulefone Armor Pad 3 Pro rugged tablet review

MacBook Air OLED reportedly delayed until at least 2028 – here’s why