Prague, Czech Republic, October 22, 2020 — Avast (LSE:AVST), a global leader in digital security and privacy products, has discovered 21 adware gaming apps on Google’s Play Store, and reported them to Google. Currently, 19 of the apps are still available on the Play Store, but Google is investigating the reports. Similarly to adware apps reported by Avast in June and in September, the adware is part of the HiddenAds family, displaying intrusive ads, and luring users into downloading the adware by posing as gaming apps. This time, for example, the apps promise to virtually “let your car fly across the road, trees, hills”, to shoot criminals from a helicopter, or, for household enthusiasts, allow players to virtually iron their clothes. The apps have been downloaded about eight million times so far based on SensorTower, a mobile apps marketing intelligence and insights company, estimates.
Numerous user reviews on the Google Play Store mention the apps grabbed their attention through advertisements on YouTube, promising a different game than what the app ultimately offered. Following the download, advertisements started flooding their phones.
“Developers of adware are increasingly using social media channels, like regular marketers would. This time, users reported they were targeted with ads promoting the games on YouTube. In September we saw adware spread via TikTok. The popularity of these social networks make them an attractive advertising platform, also for cybercriminals, to target a younger audience,” said Jakub Vávra, Threat Analyst at Avast. “While Google is doing everything possible to prevent HiddenAds from entering its Play Store, the malicious apps keep finding new ways to disguise their true purpose, thus slipping through to the platform and then to users’ phones. Users need to be vigilant when downloading applications to their phones and are advised to check the applications’ profile, reviews and to be mindful of extensive device permission requests.”
The HiddenAds family is a Trojan disguised as a safe and useful application but instead serves intrusive ads outside of the app. These campaigns are repurposing existing gaming applications and add aggressive HiddenAds features to be displayed for users. Stealth features such as hiding their icons and having relevant looking advertisements make such adware difficult to identify and remove.
The list of HiddenAds applications on Google Play Store can be found here.
Generally, adware is a type of malicious software that bombards a user with excessive ads in and outside of an app. Applications have many 5- and 1-star reviews. The reviews often cite low functionality and/or excessive ads, or are overly enthusiastic and positive. When clicking on the apps’ developer account, adware developers tend to only have one app on Google Play, which can be suspicious. They do this in case their profiles are deleted, they do not lose multiple apps. By checking the permissions an app requests before installing and reading reviews, users can avoid falling victim to downloading any HiddenAds adware.