Google Play Apps Laden With Ad Malware Were Downloaded By Millions Of Users

from ars technica

This week, Symantec Threat Intelligence’s May Ying Tee and Martin Zhang revealed that they had reported a group of 25 malicious Android applications available through the Google Play Store to Google. In total, the applications—which all share a similar code structure used to evade detection during security screening—had been downloaded more than 2.1 million times from the store.

The apps, which would conceal themselves on the home screen some time after installation and begin displaying on-screen advertisements even when the applications were closed, have been pulled from the store. But other applications using the same method to evade Google’s security screening of applications may remain.

Published under 22 different developer accounts, all of the apps had all been uploaded within the last five months. The similarity in coding across the apps, however, suggests that the developers “may be part of the same organizational group, or at the very least are using the same source code base,” May and Zhang wrote.

Most of the applications claimed to be either photo utilities or fashion-related. In one case, the app was a duplicate of another, legitimate “photo blur” application published under the same developer account name—with the legitimate version having been featured in the “top trending apps” category of Google Play’s Top Apps charts. “We believe that the developer deliberately creates a malicious copy of the trending app in the hope that users will download the malicious version,” May and Zhang concluded.

More here.

Posted in Technology and tagged , , , .


  1. In today’s news, another reason not to get an Android. Not only is it that the camera provides fewer clear images, the texts are that ugly green color, but their programming can be easily infested with malware and viruses. The iPhone, unless jailbroken, is typically virus free. The operating system, iOS, does not let apps penetrate the same coding system as the Android does. Apple creates a restricted space for apps, so there is very little communication between applications and the operating system. Also, you can only download approved apps from the App Store, which means that viruses can’t just appear from web downloads or apps.
    Unfortunately, the Android store is the Google Play Store, which right of the bat does not sound great. As Professor Shannon has stated many times before, Google tracks our data and that information ends up where no one can trace it. To publish your own application on the Google Play Store, you simply have to set up the basics (language, graphics, settings) of your app and send it in for “testing.” This article highlights the weakness that Androids have, pretty much anything can get onto the device and cause it to get a virus or malware. On Google Support, there actually is no header that describes the testing an app must go through to get published. I think that is where the problem lies. The google Play Store is so concerned with getting people excited to publish an app, that there is actually little information on what restrictions there are to the apps or protection from malware. When comparing to the iPhone, the first header on their publishing website is to review the guidelines. In their guidelines, they mention their first sub header, safety. This section includes content, data security, software requirements, and hardware compatibility, among many others. The App Store has clear guidelines and requirements to upload an app so that no apps can attack the iOS operating system of that Apple device.
    The difference between how the Google Play Store and Apple Store operate is quite simple. Apple has strict guidelines for coding and software so that these applications can’t attack the operating system. On the Google Play Store, fun and advertising is more preferred than user safety. It was easy or the app developers to create malicious content by violating the Android’s app coding requirements

    • Every year there is a scam or virus that goes through the IOS and Android system interface. More so recently android has been getting these scam apps being published in the play store. For the most part, Google and Apple have been very good with keeping their firewalls up to date. But the hackers are always looking for new ways to get into their secure system and exploit it with advertisements and viruses. The apps were designed to look like common apps in the fashion and photo editing genre. Once they are downloaded, they don’t do anything until opened. Once opened, they send a signal to whoever created the app and it automatically starts with advertisements on the phone. These apps would then disappear from the app menu making users not know what is causing the problem. The malicious apps gave the creators a lot of money through ad revenue at the cost of the user’s device security. It is unfortunate that this is happening to the Android interface. They used to be far behind from competition such as Apple but now are competing at the same level as them. Small setbacks and bad news like this give the Android interface a bad sense that isn’t true. Places and software companies will always have people trying to break in physically or virtually. The only thing they can do to prevent it is to upgrade and routinely check their security.

  2. This was actually not the first time that I had heard about malicious software on the Google Play store. Earlier this week I received a warning from the Google Play Store that I had downloaded an app that was unsafe, and that it was attempting to attack my phone’s internal system. I thought that this must have been an error, given that the app in question I had installed over one year prior to the warning. But upon going to the app’s Google Play page, I saw that the developer had issued a statement claiming that the attack was coming from a third party that had managed to hack into their system through a bug in their software. Within hours they had found and removed the bug, and Google no longer flagged it as an unsafe app. However, I had already uninstalled the app when Google issued me the warning, and I have absolutely no plans of reinstalling it now that it’s safe.

    It’s a scary thing to think about hackers getting access to a safe app and causing it to become unsafe. But it’s also scary that they could create clone apps that appear just like the safe ones, so you would never guess that anything was wrong with them until after you have already installed it. I think that if an app I had just downloaded suddenly disappeared from the home screen, there’s a good possibility I may just forget about it. If that occurred, there’s no telling how long I would be spammed with ads that I didn’t know the true source of. Further still, there’s no telling how long it would take me to finally get rid of it. If it was gathering data on me and selling it to third parties, there’s a chance it could end up with months or even years worth of private data from my device. The possibility of that happening is enough to make me wary of downloading anything new off the app store for a long while.

    I think Google should be held accountable for this happening. Malicious apps should never be able to be downloaded from the Google Play store. Google should screen every app that developers attempt to put on the Google Play store so that consumers can be certain that every app that they download is safe. In addition, I think that Google should require app developers to be vigilant with the coding of their own apps so that way the bug in the app that I had previously downloaded would have been found and resolved before it was exploited by a third party.

  3. It is becoming more and more obvious in cases such as this one that the big tech monopolies are not very adept when it comes to protecting the data and general privacy of its users. When it’s not clumsy errors such as this one, it’s outright malicious actions. Facebook is known to steal and sell the data of its users away, and Google amended its privacy policy back in 2012 to specifically allow for the “sharing” of the data of Google users across various platforms.

    Ignoring privacy, these companies place a great deal of emphasis on censorship. This is evident with the widespread use of shadowbans, outright bans/suspensions, “trending” or search result manipulation, and other similar tactics across their respective platforms.

    Based on the nature of this particular case, it seems that the people behind the malicious app were in the business of making money off the malware’s forced advertisements, but a loophole such as this one could have just as easily been exploited to steal the private information of the users who downloaded it. Could this have included contact information, text messages, and credit card numbers? We can only hope that we never find out, assuming this does not happen again after Google amends its anti-virus screening for applications uploaded to its stores.

    It is no surprise that this incident occurred on Androids, which undeniably seems to be the type of phone most susceptible to malware, compared to its adversaries at Apple. iPhones generally do not have any issues with malware, as the iOS operating system is harder to breach. Although this does not mean iPhones are not without privacy flaws, it’s a factor that consumers should be considering more and more: does this phone have good privacy barriers? The average Joe may not care much about this question, but does a high level business executive want to be using a phone that can easily be remotely hacked over WiFi or breached using an email virus of some kind? It is also worth noting that these schemes will get more elaborate, as we see in this case, and “normal people” will be affected.

    The final item of note here is that the malicious apps were not downloaded from a random website — they came directly from the Google store! Everyone understands that randomly downloading things online comes with a risk, as the entire Internet cannot be monitored to prevent the spread of viruses. The Google store, however, guarantees a degree of security to its users that apps found on the store are vetted and known not to contain malicious content. This episode should certainly function as a wake-up call to people to be more careful about what they download, even if it is found on a credible platform.

  4. One of the biggest criticisms you hear about Android phones is that they are reliant on Google. Whether they are Samsung or LG they use Google apps to perform their major functions. As such, it is a reasonable claim that Android phones are not very private, and as this article points out, not exactly safe either. I do think this article exaggerates the effect of these Apps however. 25 seems like a lot until you realize that there are 2.7 million apps on the Google Play store making them only 0.000009% of all Apps. Additionally with 15 billion downloads on the app store (2016), 2.1 million is only 0.00014% of all downloads. Another aspect of this would be that apps can only reach the top pages once they reach a certain threshold of downloads, so it’s unlikely that all 2.1 million were organic downloads. In the end does Google have to figure out ways of protecting their users, yes. People who click on suspicious website on Google might be to blame themselves, but their is an expectation of safety for an app that comes pre-downloaded on your Android device. While I do expect Google to continue to take actions to prevent malware, in the meantime this is likely going to be blown out of proportion and used as a way for people to have one more reason why “Android sucks.”

  5. This reading brings into question a greater topic than just the malware’s ability to slip onto phones undetected. The government has no way of regulating apps and malware, and so it is up to these big tech companies to figure it out themselves. While this could have still happened under government regulation, at least the people who were invaded would know that there was more of an effort to try and prevent these issues on the government’s part, and not just the companies.
    While this reflects badly on Google Play, this could happen to any other app store and apps people download. An average person has about 80 apps on their smartphone, some are given with the phone and some are downloaded at a later date by the user themselves, based on their interests and needs. And while big tech companies claim to try and regulate these apps and filter out the bad ones, since there are so many they do not put enough effort into making sure they are secure and not slipping past the companies security regulations. And if they are slipping past, the company needs to update their security and privacy policies to reflect the malware attempting to penetrate their system.
    It seems nowadays the companies who are being invaded the most are Google and Microsoft, and not Apple. And although the reason is because those two companies are the ones that run the market now, if Apple began to ran the market all of our iPhones could soon see similar issues arise. Most people I know have iPhones, and I am sure if hackers were able to do this sort of thing and invade our phones with malware, all of the apple users will be furious. Not only are our phones being tracked for ad data anyways, but this will just be another way to expose users to unwanted ads.
    Having ads pop up on one’s phone when they are not even using the app, and then having the app turn into a ghost on the home screen seems to be just the beginning of the new malware technology. As time progresses, I am sure we will be hearing more things in the news about apps and compromised cell phones.

  6. As a former android user, learning about Google play apps laden with advertisement malware is very concerning. Globally, the number of android users easily surpasses the amount of apple users today. Therefore, the 25 malicious applications found on the google play store definitely have a higher chance of accumulating an insane number of victims to download the apps; they were downloaded 2.1 million times before being detected. All the apps had similar code structure that made them the ability to get passed the google play store’s security screening without detection. The apps were published under 22 different developer accounts, but the coding is so similar that it is believed that an organizational group is behind is responsible. Or there has been the same source code base being shared across the community. Either way, 25 apps were able to make it past security screenings which shows a lot about google play store’s security measures. They should obviously push for more vigorous screenings like apple or else they will lose more users to IOS.
    To fully understand why more users would switch to IOS, we must compare apple’s and android’s security measures taken when it came to their ap stores. First, there are many more reports of malicious apps in the play store than there are in apple’s app store. This is because google play has a much shorter screening period than apple’s app store. Also, google can remove the malware quickly, but it is unknown how much damage the app has done to your phone which is why it is necessary to run a full virus scan on your phone after you have removed the malware. It all begins with the freedom android has to offer its users. There is so much more customization that can be achieved on an android, which leads to more apps on their store than apple. Google play is a great place for new app developers because it can take less than 24 hours for their apps to earn their place in the google play store. On the other hand, apple is much pickier when it comes to the apps they put in their store; quality over quantity is achieved evaluation process of an app. Therefore, I am glad I made the switch to apple’s iPhone one year ago.

  7. I’m astounded that Google, one of the largest tech companies in the world is still struggling to implement security of malware in their app store. Apple’s iPhone’s are almost completely immune to having malicious apps downloaded through the Apple store. This is due to Apple having way more restrictions on the apps that are allowed on their store. Apple phone’s also use their own web browser and security system to protect it from viruses and malware. Android phones on the other hand are much more “vulnerable”. The Google Play Store is much less strict on what apps are allowed to be put on the store and its a great place for new app developers to put their product on. The main problem is that the lack of strict selection of apps has lead to a known 2.1 million downloads of malicious apps through the Google Play Store. These malicious apps display on-screen advertisements even while appearing to be closed. The advertisements are hard to trace back to the app they come from, so it becomes a hassle to uninstall it. This situation had the potential to be much more serious if instead of on-screen advertisements, these apps recorded information (emails, passwords, card numbers, phone numbers) and sent them back the app developer.
    It is clear that Google has to change or update its security on the Google Play Store if it wants to retain a loyal customer base. Google does not have to stop letting new developers put their apps on the store, they just have to improve their security’s detection of malicious software. Another one of Google’s products, Google Chrome has a better job identifying malicious software if it is being downloaded through the browser, there is no reason the Play Store can not accomplish the same thing. I hope that Google takes this situation seriously and begins to invest on improving their Google Play Store security.

  8. It has become such huge problem that as technology advances so does malware and other significant blockades that cause the positives of technology to standstill and overall decrease in productivity. After reading the article, it has become truly more and more realistic that the Google play apps, (the nickname for a part of the Android app store) have become more infested with malware that is going under detective services and is corrupting individuals of the Android community which is a very tough break for the loyal. A fact that truly stands out is that 25 apps containing this malware were miraculously able to go undetected past the various screenings that are required for the Google Play store on Android. In addition, it’s also worth pointing out that because Android users are hearing the news about their app store or may have their own phone infected by the malware, they are most definitely going to lose trust in the company. Big companies that draw much more of a crowd, such as Apple, will be the ones drawing the interest of these users who have had their trust in Android sucked out of them.
    When looking at Apple, their IOS store has extreme security measures to ensure the safety of all their users to prevent against Malware issues that the Google play store and Android users are experiencing. The security measures that Apple has are to make sure that whatever the users decide to download is safe from the inside out and won’t affect the significant device that the user is controlling. If somehow the Google play store was to make a significant comeback and add to the security measures that the IOS store has then they could possibly gain their users back.
    Nowadays, it’s all about the users trust in the companies they use for their devices as technology is all about safety. While the Google play store is great for Android users, there needs to be a much-needed change in order to prevent malware from becoming an issue once again. Overall, it’s safe to say that I’m glad to be a part of the Apple community and use their products as I never need to worry about such an issue affecting me.

  9. First off, I’d like to say, this is why I own an Iphone and not an Android device. These 25 applications pose a huge threat to users, and they breed a new era of digital attacks via intriguing applications downloaded by users. While there’s no way to tell if an app is going to affect your device’s software or download any bugs, Users should be careful about how legit the apps they downloading are, and who these apps are made by. We’ve already seen similar issues with apps like TikTok using user’s data, and the old face app being able to access user’s camera rolls. The scariest part about this situation is the fact that over 2 million people downloaded these apps, that hide themselves and gain access to what’s on the user’s screen. If they can conceal the app’s icon and display ads on your screen, it can’t be much harder for these app creators to figure out how to remotely view your phone screen. Clearly Google’s security measures for checking and regulating which apps are on their store is faulty, and these policies may not even change. Therefore, the same type of cons are still looking to scam users into downloading their apps for profit off unauthorized advertising. Even in my Tiktok response I mentioned, that no matter how many issues we have with technology, there’s always room for user error. So, Users should look to see what apps they are downloading, and exactly who these apps are created by and where they’re coming from.

  10. Google Play App store has detected several apps that have ad malware. These apps are mimicking apps that were featured on the Google Play’s Top Apps charts. The apps once installed would begin displaying on-screen advertisements even after the applications were closed. These apps have since been pulled from the Google App store but there still may be more applications out their carrying this ad malware. The problem with these applications is the fact that they are untraceable, the ads do not trace back to the app that is displaying them giving the hacker a captive audience which they are using to generate ad revenue. Now, all these apps have been written with the same or at the very least similar source code. This has lead those who have detected these malicious applications to believe that this has been created by the same individual or organization to get advertisement revenue from companies every time they force these ads on people. The amount of times these apps have been downloaded is around 2.1 million times. These downloaded applications claim to be either photo utilities or fashion-related applications.
    With this issue arising I think that advertising companies need to restructure their policies on how they pay companies to distribute advertisements for them on applications. They should come up with creative ways to incentives companies to advertise for them with out gaming the system the way that this person or organization is doing. One way they could do this is by monitoring the means by which application companies distribute their ads especially when they are able to gain massive amounts of revenue as it appears that this person or company has done. On top of this the Google Play Store needs to ramp up their malware detection protocol. The fact that their competitor Apple iOS is able to avoid a lot of these problems is proof that it can be done. The aspect of security is a huge deal to Apple a leader in this industry, so Google should take notes and do their best to mirror the assurances that Apple is able to provide.

  11. This is alarming, but not at all surprising. Since computer technology picked up and began to advance exponentially, people with malicious intent went right with it, often a few steps ahead. Not only are our laws not up to date, but the companies, like Google, do not have the preparedness to foresee these things happening. This is the same story over and over again. Facebook did not release information about hacker meddling with elections in multiple countries for months. Banks and retail stores have historically not released data of hacks for months, sometimes years. Even Marriott International had an issue where the private information, including passport numbers, of millions of its customers was accessed in 2014. The company didn’t even realize what was happening until 2018, 2 years after they acquired Starwood. Like I said, this is not new. These companies are not proactive enough for us to be comfortable giving them our private information, especially given the fact that some of them are willing to sell it, or even give it away for free. During the lead up original Brexit 2016 referendum, Facebook allowed a company by the name of Cambridge Analytica to access the personal data of potentially millions of its users. They did this so that they could allow Vote Leave to target users they believed were gullible to buy into information that blatantly lied about the implications of allowing Britain to remain in the EU. This ended up with many people voting to leave despite not knowing any true reason to leave. It also deepened xenophobic and islamophobic sentiment in England. Because of this, Facebook’s CEO Mark Zuckerberg had to appear before congress to be questioned about whether or not Facebook truly was a well-meaning company. He got away for the most part because he said sorry and claimed that he couldn’t see the “bigger picture”. This marks an even more concerning problem connected to the previous one: these companies will not be held accountable or liable for things they should be. How in the world could Mark Zuckerberg not see the bigger picture when Cambridge Analytica asked to “innocently” view the personal information and data of its users? One would hope that the CEO of one of the biggest social networking sites to exist would have a little sense when deciding what to do with private information. This is why we see problems like the one stated in the article. Google, as well as other companies will continue to have problems like these.
    Why don’t they fix it? Well that answer is simple: because fixing it doesn’t make them nearly as much money as selling the product in the first place does. That is what they are focussed on. This is the same reason why our economy has begun to fail us. Companies have been becoming smart to the fact the people will continue to buy their product even if the mark the price up. You see, they have been spending millions of dollars on advertising to make sure the average American citizens feels the absolute need to have their product. Even more, as each individual company raises their prices, other companies will follow suit. If all of the jeans sold in the world cost $100/pair, people will still buy them. There a few alternatives to a nice pair of jeans. This is where price-hike regulation fails. Legislation is failing to meet with the rapid increase in technology and companies are able to get away will such price hikes, especially on new technology, because as far as anyone knows, that’s the price you have to pay for these items. Companies like Google see these malware problems like minor bumps in the road that they know will blow over before the next Google Pixel comes out.

  12. This week I chose to write about the article titled “Google Play Apps Laden With Ad Malware Were Downloaded By Millions of Users”. I chose to write about this article because I personally use Android products and therefore get all of my apps from Google Play. The article states that in the past few months several different developers have released over twenty apps that contain damaging malware to the device and that over two million people have downloaded these apps. It is clear that these developers did this intentionally because the apps do not initially appear to be dangerous, it is not until the app has been opened and launched several times that it starts to act up. What is also interesting is the fact that the apps and malware within them have a lot of similarities. This suggests that even through the apps have different developers listed there is likely a group of individuals behind these issues.

    Something that stood out to me as interesting was the fact that these apps are so aggressive that they not only have pop ups within the app itself, but also on the home screen of the device. To me this is one of the worst things that could happen to my phone. This is because if the app acts up when you are using it, it would be easy to tell that it was a problem and simply uninstall it and run a malware check on your phone. But when the apps and malware are so advanced that they occur independently from the app itself it might be difficult to determine which app that you have downloaded is causing the problem so that you can uninstall it.

    I really liked that this article also discussed the “why” behind the malware. So many times, I read articles about someone doing something wrong or illegal and I can’t help but wonder why they did it. Just like in a courtroom when the judge and lawyers search for motive, I think its great that this article explores that. The reason why people would create apps with aggressive amounts of pop ups and ads is because each time a user views an ad the company whose ad is displayed pays the developer for the advertising.

    This issue also calls into question one of the biggest differences between android and apple products. The Google Play Store allows anyone to create, operate, share and even sell their own apps. It allows for a greater variety of apps to chose from. While the app store used by people with iPhone is not as open to outside developers. The app store places a higher level of importance on vetting the developers and apps that they want to publish to the store. This means that people have fewer options but that the options available have been thoroughly vetted and the risk of malware is dramatically lower than with apps from google play.

    In relation to business ethics this article calls into question whether or not the google play store is doing enough to vet the apps that do come through. Allowing anyone to make an app shouldn’t mean that everything is allowed. There should be a vetting process even if it isn’t as in depth as that of iPhone. Both app stores give you information about the app before you download, such as category, whether or not there are ads, and if it’s free. But maybe this isn’t enough. If it takes almost six months of these apps to be caught and shut down it would seem that there is a major flaw in the system or perhaps that there need to be more steps in place to monitor the behavior of the apps even after they are downloaded.
    At the end of the day one thing is clear: people have very strong opinions about whether android or apple has better products, but I think that “better” is the wrong word. It boils down to what is more important to you. If you like the idea of having more options in your apps then you might prefer android. If you are more concerned about the safety of the apps that you are downloading apple might be the brand for you. Articles like this are just a great reminder of the risk that you run when going with android products and that we as consumers have to do our research about apps before simply pressing install.

  13. Imagine having an Android phone and getting a virus. And, then imagine having an iPhone and not having to worry about getting a virus. Why? Because iPhone’s are less prone to viruses than Samsungs, Androids, Google Pixel’s. Now I am not saying that that an Iphone can’t get a virus but it is going to be very hard to get a one on it because of the amount of code written to prevent you from getting onto a bad website. The fact that Google store had apps that had malware attached to it is startling because you trust them to verify these apps before they allow them in there store’s. If I was one of 2.1 million users who downloaded an app with malware on it, I would sue Google for the damage it does to my phone. In this case, a type of malware called “adware” was released through those apps into users phone’s. According to AVG, a company who sells antivirus. Malwarebytes, and other software “Thought not always malicious in nature, aggressive advertising software can undermine your security just to serve you ads…” (Fundamentals of Malware). It isn’t as harmful as you would think but it is very annoying to get a pop up every few minutes even when you have completely closed out of the app. Symantec Intelligence analysts found that a numerous amount of apps in the Google Play store had malware attached to them through code or scripts and many were removed, however, there is a chance that a large number could remain in the store. It was found that the apps “… share a similar code structure used to evade detection during security screening…” (Google Play apps laden with … users) which means the placement of these apps was purposeful. Whoever created these apps infected them and then found a way to pass Google’s screening, which is scary because of the amount business Google does with big corporations. If I can’t download an app from the playstore without having to worry about getting my phone filled with adware, then how would I continue to use Google chrome, or any of Google’s services. The apps that had malware attached to them were “Published under 22 different developer accounts …” and had “… similarity in coding across these apps” (Google Play apps laden with … users) which suggests people belonging to the same group were responsible for this. Honestly, I would be a little concerned that Google’s security has a loophole that allowed this amount of apps to be pushed through without any detection.

    As a Geek Squad agent, I always tell my clients to be careful where they are surfing the web because if you are not aware while you are online, you can easily do harm to your computer. So many clients come in saying that they paid the man on the phone money or they let someone into their computer to “help” them because they said their computer was in danger of losing files. A common theme among the clients is not being aware about how technology works, not changing their searching habits, and being on the older side. The unfortunate thing is that these clients are so worried when they come in and we try our best to make them knowledgeable on how to prevent these issues, but they come back to fast. I think we as users need to take better steps to avoid the traps these hackers place for us. Going back to the article, it said “Most of the applications claimed to be either photo utilities or fashion-related” (Google Play apps laden with … users) which means these hackers knew young people would download these apps. And, who stores the most amount of data in regards to credit cards and other things on their phones? Millenials and young adults. Now it is true that since the hackers pushed adware through the apps, they were doing it to generate revenue from the ad companies, but it doesn’t mean they couldn’t send updates through to gain client information. The thing with adware is that these hackers made it so that, users couldn’t tell what apps these ads were coming from. AVG said to be alert about where you browse because “Malware can be found anywhere, but it’s most common in websites with poor backend security” (Fundamentals of Malware) but it usually isn’t commonly found in app stores. However, when it comes to apps you just have to do a little bit more of a deep dive into them to ensure they are legit because some free one’s may be the ones with malware.

    Another user wrote that, “The Google Play Store is so concerned with getting people excited to publish apps that there is actually little information on what restrictions there are to the apps or protection from malware” (Commenter). I completely agree with them because when I did a little research as to what I would have to do to create an app and have it published in the app store, I was amazed with the lax setup. It shouldn’t be this easy to send Google something that is going to affect millions of users. In the end, users should not have to worry about malicious apps now because of the advancement we are supposed to see and have in technological security. Hopefully, Google can clean up this mess fast because they are already under investigation.

  14. Androids are typically more prone to getting viruses and malware in their operating systems just because of how they are set up. This goes to show that Android is not checking the code that developers are putting into the apps. There is also no procedure for checking what goes into the Google store. This could be dangerous at times and it is a good thing the developers were not after private data or any sensitive information. I have noticed in the comments, consumers getting emails about having a potential attack on their phones from apps. Sometimes having downloaded the app almost a year prior to getting notified about the attacks. This is a long time frame for developers of the apps with malware to have your data and information with your phone. Not only were some of the apps in the app store for that long of a period but it was in the top trending charts list. This meant that anyone who happened to stumble across this trending list saw the app waiting for them to download it with the malicious software.vHaving the ability to access that type of data poses a huge risk. This process of getting apps into the Google play store is something that needs to be reconsidered and re-worked. Screening of the apps that have the potential to go into app store would make me feel better about downloading apps. There could also be more apps in the Google Play store with more malicious software. Checking code should be on the top of the priority list for Google to go into more detail. If I were a consumer thinking about switching over from Apple to Google or Android, this would not make me think twice about them being an option for me.
    Apple does not have this problem with viruses, but does have problems elsewhere. Usually when you download games from the App Store they ask for a variety of information from you. Other times you do not have to consent to the information you are giving the third party developers of the apps. Games with ads are well known for this, by selling your information to third party developers. This is very profitable for the game developers by having a free game that is addictive in the app store. Playing the game and watching ads in between the games all while attaining information about you. While this is not trying to attack your phone, this is still significant.
    There are still major flaws in both app stores, whether you own an Android or Apple phone. There are areas where both companies could make their app stores a safer place. I always keep in mind that kids are getting tablets and phones at a much younger rate than what we are used to. They have the ability of downloading these apps with the malicious software without knowing. These beauty apps and photo editing could be attractive to young kids to download.

  15. The problem described in this article, unfortunately, has been a common issue for the Google Play Store for years. For example, earlier last year Washing Post reported that thousands of apps on Google may be illegally tracking children. Due to its loose developer regulations and application screenings, the Store is typically plagued with low quality, ad-filled, and often questionable apps. The Android operating system sadly does not help to minimize the risk once you download the apps as it is built to adaptive and flexible for so app developers can have creative freedom. While this creative freedom allowed consumers to have streamlined experience between applications while using Android phones, it also created major security loopholes that posed a privacy risk.

    While the malware apps mentioned in this article does nothing more than evading users intervention and spamming ads, it also shows the extent of the ways malware apps can access the data on a person’s phone and perform unauthorized alterations without attracting any attention back to themselves. Since certain apps on Google Store have been collecting sensitive users’ data like the ones reported in the Washing Post article, it is entirely possible that there would also be malware apps that can secretly track users as well. This is a huge security risk that definitely calls for reform for the platform which Google must address as soon as possible.


  16. It was alarming to learn that there is more than a handle of Android applications that had been found to contain malware. Some of these apps seem to have crossed the boundaries of the users, as they still continued to run even when they were not the app that was open on the user’s screen. It is also interesting to me that Google does not place as many restrictions on the Apps as Apple has, and it seems that Androids are definitely much more susceptible to hacking and malware than iOS devices because of their screening process for apps.

    My first phone was one of those slide phones, but then after that my first smartphone was an android. I remember that towards the end of the contract that I had with my provider at the time, it slowed down due to updates and its old hardware. However, I did not know that it was actually malware that came from game apps designed to hide the malware. I ultimately discovered at the end of my time with my that because it had slowed down so much that I could no longer make calls on it, which prompted me to get a new phone. If this has been a concern for android users for more than the past five years, I do not understand why Google has not made significant steps toward removing the threat of malware in apps by increasing the approval process for apps to be available for purchase in the Google Play store.

  17. It is not surprising to me that Android users are running into another problem thanks to their app store, Google Play. I say this because, in comparison to Apple users, Android users are far less protected from malware due to an inferior firewall. However, as I was reading this article, my mind began to drift a bit deeper than this simple comparison between Apple and Android security. As competitors, Apple and Android area constantly in the know about what one another are doing; Apple’s most recent product is the iPhone 11. Advertising for this phone has been highly focused on iPhone 11’s vastly superior camera, which includes three lenses and never before seen effects. Now, let’s reference the types of apps that were infected with malware on Android phones, which are primarily photo editing and fashion apps. As both the malware and iPhone 11 have dropped in the same 5-month time frame, my question is whether or not there has been any foul play involved between Apple and Android product developers and the malware apps being sold on Google Play.
    What really brought this possibility to mind is that my friend, who has had an Android phone the past 2 years, fell victim to malware ruining her phone. When she would open the camera a notice would pop up saying “encountered fatal error” and would shut her phone down. This problem goes hand in hand with the malicious photo editing app malware. Ultimately, she replaced her Android with an iPhone due to all the “virus problems” she faced on her Android. To me, the timing of these events seems suspicious. Fashion and photo editing apps are primarily used by females, and the iPhone 11 advertising was primarily focused on the extraordinary new camera. So while Android cameras/phones are shutting down due to viruses from photo editing apps and fashion apps, Apple is advertising the release of their new state of the art phone. The iPhone 11 was released in September, which was the fourth month (out of five months) that Android users were facing the malware crisis.

  18. Advertisements are taking over all parts of the internet. Even when looking at articles from ShannonWeb for my assignments, almost every available space of these articles have been taken up by some sort of advertisement such as large ads on the side panels, videos that pop up in the middle of the screen, and even interactive ads at the end of the article to draw users in to buy the newest model car. Website now enables cookies which keeps track of your information during your visit on their website. This information is received and interpreted to find the most strategic form of advertising for the user. All of this happens automatically and without the knowledge of the user most of the time. In the case of this article, advertisement has been taken to another level with apps through the Google Play store. Almost 2 dozen apps have been released and downloaded by millions of users that are encrypted with a malicious malware that takes advertisements to another level. These apps are created to replicate some of the most popular apps currently in the store, making it hard to ditiquinsh the real from fake. When downloaded, the application hides itself from the home screen and, “starts displaying full-screen ads, even when the app is closed”(Gallagher). With the code allowing itself to change the settings in the phone, it can be hidden from the user making it almost impossible to track the source of this malware.
    Although this type of attack is very extreme, some similarities of how this program works are already being put into use by bigger corporations such as Google and Facebook. They retrieve information that was given to them such as our age and where we live, and use that to have more targeted ads. There also has been speculation that even more information is taken without our knowledge such as our history feed and even camera or audio from devices we own. This information is then used and sold to other companies that generate algorithms to completely specialize advertising towards the user. Even if cyber security is something a user might have in mind and take extra precautions to protect their online activity, there are still ways around this as Nathan Pettijohn states in article called Of Course Your Phone Is Listening To You, “Even if one of your friends authorized an app on their Facebook, that app still managed to harvest a lot of your data”. This hidden breach of information is something taking over online activities of all users. Do you think your phone is listening to you or are companies respecting your online data?

  19. Just by looking at the title of the blog post, this article tells me and the world how advanced technology is nowadays and how intelligent some human beings are to the point where there are some people and developers out in this world who are smart enough to code a software that can bypass Google’s software during Google Play Store’s security screening. The article also explains that twenty-five malicious Android applications that were made available on the Google Play Store have been downloaded more than 2.1 million times before being taken down also supporting my theory that the source code the malware apps used were advanced enough to bypass the security screening.
    I know for sure that iPhones (or just Apple products in general) are more secure compared to Android devices, that’s because the iPhone’s operating system is a closed system meaning that Apple does not release the source code to the public and other software coders along with Apple owners not being able to change the source code on their devices. On the other hand, Android devices use an open-source code that allows the owners of these devices to mess around with the operating system and it’s software potentially revealing security weaknesses and vulnerabilities by hackers and developers.
    I can understand it would be scary for an Android user while he or she is reading the article. Android devices are often targeted more than Apple because of the open-source code (as mentioned above) along with it’s popularity where more people use Android devices over Apple (possibly due to the fact that most Android phones are significantly cheaper than Apple). Not to mention, the malware that was downloaded onto the android devices merely activated ads on the device’s home screen rather than fully compromising and taking over the device which would be way more serious than just activating ads on one’s device.
    As Google is a giant technology company, I believe that their standards and their security on their Google Play Store should be way higher (around on par with Apple) than it is now. Further exploits and vulnerabilities to an Android user’s device could also lead to Google facing a lawsuit than just merely pretending like nothing ever happened. In the end, I feel like I’m losing faith in Google and its products and services due to Google openly recording and saving personal information and data of its users (a reference to another blog post) and the Google Play Store malware incident in this blog article.

Leave a Reply to Max Nitzberg Cancel reply

Your email address will not be published. Required fields are marked *