San Francisco: Google has removed 29 apps from the Play Store which were found filled with adware. These Android apps had over 3.5 million downloads on the Play Store.
White Ops’ Satori threat intelligence team discovered these 29 apps as part of their “CHARTREUSEBLUR” investigation. The word blur in the codename of the investigation is due to the fact that most of the malicious apps were photo editing apps which had a blur feature. As for the word “chartreuse” the team just found it fun to say and that the liquor is tasty.
These Android apps were found running out-of-context (OOC) ads which are said to be used to avoid detection. After the user installs any of these apps, the launch icons would immediately disappear from the phone. This made it difficult for users to remove the malicious app from their phones.
One such app with adware was the Square Photo Blur app. The Satori team tested this app and discovered a “hollow shell of an app” which managed to pass the Play Store security checks. The app obviously didn’t function as advertised and instead ran OOC ads on phones. Once the app was installed on the phone the launch icon disappeared and there was no “open” function on the Play Store either.
29 Android apps have been identified with this malicious adware. But there could be more in the future. You can find the full list of apps here and uninstall them. The Satori team also advises to look out for hints like – reviews of the apps mentioning ads popping up all the time, apps disappearing after downloading it, a lot of 5-star reviews but recent ones are mostly 1-star, app doesn’t work as advertised, app received a lot of downloads in a very short time. Some of these points can act as indicators that the app is probably a malicious one.
Google recently removed 11 apps from the Play Store which contained the Joker malware. These apps have been lurking around since 2017. Hackers have managed to introduce new variants of the Joker malware in Android apps. The malicious apps are no longer there but they may appear again in the future.